From 962720312cf1d657739a7731f5ca62cabc04ec77 Mon Sep 17 00:00:00 2001 From: chkp-edenbr <94056191+chkp-edenbr@users.noreply.github.com> Date: Sun, 16 Jun 2024 12:54:14 +0300 Subject: [PATCH] R82 resource modules part2 (#131) * v5.1.3 * ansible-lint bug fixes * ansible-lint bug fixes * ansible-lint bug fixes * R82 Resource Modules - part 1 * R82 Resource Modules - part 2 * Delete plugins/modules/cp_mgmt_gaia_api.py * Delete .idea/CheckPointAnsibleMgmtCollection.iml * R82 Resource Modules - part 3 * Update changelog.yaml --- CHANGELOG.rst | 56 +++++++ changelogs/changelog.yaml | 151 +++++++++++++++++- ..._mgmt_add_custom_trusted_ca_certificate.py | 4 +- .../modules/cp_mgmt_external_trusted_ca.py | 10 +- plugins/modules/cp_mgmt_https_rule.py | 1 - ..._import_outbound_inspection_certificate.py | 4 +- .../cp_mgmt_mobile_access_profile_rule.py | 1 - ...p_mgmt_mobile_access_profile_rule_facts.py | 2 +- .../cp_mgmt_mobile_access_rule_facts.py | 2 +- plugins/modules/cp_mgmt_mobile_profile.py | 24 ++- plugins/modules/cp_mgmt_network_probe.py | 12 +- plugins/modules/cp_mgmt_opsec_trusted_ca.py | 4 +- .../modules/cp_mgmt_opsec_trusted_ca_facts.py | 2 +- plugins/modules/cp_mgmt_passcode_profile.py | 8 +- .../cp_mgmt_set_cp_trusted_ca_certificate.py | 3 +- 15 files changed, 250 insertions(+), 34 deletions(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index b66b0e1..f5586af 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -4,6 +4,62 @@ Check_Point.Mgmt Release Notes .. contents:: Topics +v6.0.0 +====== + +Release Summary +--------------- + +This is release 6.0.0 of ``check_point.mgmt``, released on 2024-06-16. + +Major Changes +------------- + +- New R82 Resource Modules +- Support relative positioning for sections + +New Modules +----------- + +- check_point.mgmt.cp_mgmt_add_custom_trusted_ca_certificate - Create new custom trusted CA certificate. +- check_point.mgmt.cp_mgmt_add_outbound_inspection_certificate - Add outbound-inspection-certificate +- check_point.mgmt.cp_mgmt_cp_trusted_ca_certificate_facts - Retrieve existing Check Point trusted CA certificate objects facts on Checkpoint devices.. +- check_point.mgmt.cp_mgmt_custom_trusted_ca_certificate_facts - Retrieve existing custom trusted CA certificate objects facts on Checkpoint devices. +- check_point.mgmt.cp_mgmt_delete_custom_trusted_ca_certificate - Delete existing custom trusted CA certificate using name or uid. +- check_point.mgmt.cp_mgmt_delete_outbound_inspection_certificate - Delete outbound-inspection-certificate +- check_point.mgmt.cp_mgmt_external_trusted_ca - Manages external-trusted-ca objects on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_external_trusted_ca_facts - Get external-trusted-ca objects facts on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_https_rule - Manages https-rule objects on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_https_rule_facts - Get https-rule objects facts on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_import_outbound_inspection_certificate - Import Outbound Inspection certificate for HTTPS inspection. +- check_point.mgmt.cp_mgmt_infinity_idp_facts - Get Infinity Identity Provider objects facts from the Infinity Portal. +- check_point.mgmt.cp_mgmt_infinity_idp_object_facts - Retrieve users/groups/machines objects facts from the Identity Provider. +- check_point.mgmt.cp_mgmt_mobile_access_profile_rule - Manages mobile-access-profile-rule objects on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_mobile_access_profile_rule_facts - Get mobile-access-profile-rule objects facts on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_mobile_access_profile_section - Manages mobile-access-profile-section objects on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_mobile_access_rule - Manages mobile-access-rule objects on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_mobile_access_rule_facts - Get mobile-access-rule objects facts on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_mobile_access_section - Manages mobile-access-section objects on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_mobile_profile - Manages mobile-profile objects on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_mobile_profile_facts - Get mobile-profile objects facts on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_multiple_key_exchanges - Manages multiple-key-exchanges objects on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_multiple_key_exchanges_facts - Get multiple-key-exchanges objects facts on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_network_probe - Manages network-probe objects on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_network_probe_facts - Get network-probe objects facts on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_opsec_trusted_ca - Manages opsec-trusted-ca objects on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_opsec_trusted_ca_facts - Get opsec-trusted-ca objects facts on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_outbound_inspection_certificate_facts - Get outbound-inspection-certificate objects facts on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_passcode_profile - Manages passcode-profile objects on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_passcode_profile_facts - Get passcode-profile objects facts on Checkpoint over Web Services API +- check_point.mgmt.cp_mgmt_set_cp_trusted_ca_certificate - Edit existing Check Point trusted CA certificate using name or uid. +- check_point.mgmt.cp_mgmt_set_gateway_global_use - Enable or disable global usage on a specific target. +- check_point.mgmt.cp_mgmt_set_internal_trusted_ca - Edit existing Internal CA object. +- check_point.mgmt.cp_mgmt_set_outbound_inspection_certificate - Edit outbound-inspection-certificate +- check_point.mgmt.cp_mgmt_show_gateway_global_use - Show global usage of a specific target. +- check_point.mgmt.cp_mgmt_show_internal_trusted_ca - Retrieve existing Internal CA object. +- check_point.mgmt.cp_mgmt_show_mobile_access_profile_section - Retrieve existing Mobile Access Profile section using section name or uid. +- check_point.mgmt.cp_mgmt_show_mobile_access_section - Retrieve existing Mobile Access section using section name or uid. + v5.2.3 ====== diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index be93263..720c9f7 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -957,5 +957,154 @@ releases: release_summary: This is release 5.2.3 of ``check_point.mgmt``, released on 2024-03-04. fragments: - - 5.2.2.yml + - 5.2.3.yml release_date: '2024-03-04' + 6.0.0: + changes: + major_changes: + - New R82 Resource Modules + - Support relative positioning for sections + release_summary: This is release 6.0.0 of ``check_point.mgmt``, released on + 2024-06-16. + fragments: + - 6.0.0.yml + modules: + - description: Create new custom trusted CA certificate. + name: cp_mgmt_add_custom_trusted_ca_certificate + namespace: '' + - description: Add outbound-inspection-certificate + name: cp_mgmt_add_outbound_inspection_certificate + namespace: '' + - description: Retrieve existing Check Point trusted CA certificate objects facts + on Checkpoint devices.. + name: cp_mgmt_cp_trusted_ca_certificate_facts + namespace: '' + - description: Retrieve existing custom trusted CA certificate objects facts on + Checkpoint devices. + name: cp_mgmt_custom_trusted_ca_certificate_facts + namespace: '' + - description: Delete existing custom trusted CA certificate using name or uid. + name: cp_mgmt_delete_custom_trusted_ca_certificate + namespace: '' + - description: Delete outbound-inspection-certificate + name: cp_mgmt_delete_outbound_inspection_certificate + namespace: '' + - description: Manages external-trusted-ca objects on Checkpoint over Web Services + API + name: cp_mgmt_external_trusted_ca + namespace: '' + - description: Get external-trusted-ca objects facts on Checkpoint over Web Services + API + name: cp_mgmt_external_trusted_ca_facts + namespace: '' + - description: Manages https-rule objects on Checkpoint over Web Services API + name: cp_mgmt_https_rule + namespace: '' + - description: Get https-rule objects facts on Checkpoint over Web Services API + name: cp_mgmt_https_rule_facts + namespace: '' + - description: Import Outbound Inspection certificate for HTTPS inspection. + name: cp_mgmt_import_outbound_inspection_certificate + namespace: '' + - description: Get Infinity Identity Provider objects facts from the Infinity + Portal. + name: cp_mgmt_infinity_idp_facts + namespace: '' + - description: Retrieve users/groups/machines objects facts from the Identity + Provider. + name: cp_mgmt_infinity_idp_object_facts + namespace: '' + - description: Manages mobile-access-profile-rule objects on Checkpoint over Web + Services API + name: cp_mgmt_mobile_access_profile_rule + namespace: '' + - description: Get mobile-access-profile-rule objects facts on Checkpoint over + Web Services API + name: cp_mgmt_mobile_access_profile_rule_facts + namespace: '' + - description: Manages mobile-access-profile-section objects on Checkpoint over + Web Services API + name: cp_mgmt_mobile_access_profile_section + namespace: '' + - description: Manages mobile-access-rule objects on Checkpoint over Web Services + API + name: cp_mgmt_mobile_access_rule + namespace: '' + - description: Get mobile-access-rule objects facts on Checkpoint over Web Services + API + name: cp_mgmt_mobile_access_rule_facts + namespace: '' + - description: Manages mobile-access-section objects on Checkpoint over Web Services + API + name: cp_mgmt_mobile_access_section + namespace: '' + - description: Manages mobile-profile objects on Checkpoint over Web Services + API + name: cp_mgmt_mobile_profile + namespace: '' + - description: Get mobile-profile objects facts on Checkpoint over Web Services + API + name: cp_mgmt_mobile_profile_facts + namespace: '' + - description: Manages multiple-key-exchanges objects on Checkpoint over Web Services + API + name: cp_mgmt_multiple_key_exchanges + namespace: '' + - description: Get multiple-key-exchanges objects facts on Checkpoint over Web + Services API + name: cp_mgmt_multiple_key_exchanges_facts + namespace: '' + - description: Manages network-probe objects on Checkpoint over Web Services API + name: cp_mgmt_network_probe + namespace: '' + - description: Get network-probe objects facts on Checkpoint over Web Services + API + name: cp_mgmt_network_probe_facts + namespace: '' + - description: Manages opsec-trusted-ca objects on Checkpoint over Web Services + API + name: cp_mgmt_opsec_trusted_ca + namespace: '' + - description: Get opsec-trusted-ca objects facts on Checkpoint over Web Services + API + name: cp_mgmt_opsec_trusted_ca_facts + namespace: '' + - description: Get outbound-inspection-certificate objects facts on Checkpoint + over Web Services API + name: cp_mgmt_outbound_inspection_certificate_facts + namespace: '' + - description: Manages passcode-profile objects on Checkpoint over Web Services + API + name: cp_mgmt_passcode_profile + namespace: '' + - description: Get passcode-profile objects facts on Checkpoint over Web Services + API + name: cp_mgmt_passcode_profile_facts + namespace: '' + - description: Edit existing Check Point trusted CA certificate using name or + uid. + name: cp_mgmt_set_cp_trusted_ca_certificate + namespace: '' + - description: Enable or disable global usage on a specific target. + name: cp_mgmt_set_gateway_global_use + namespace: '' + - description: Edit existing Internal CA object. + name: cp_mgmt_set_internal_trusted_ca + namespace: '' + - description: Edit outbound-inspection-certificate + name: cp_mgmt_set_outbound_inspection_certificate + namespace: '' + - description: Show global usage of a specific target. + name: cp_mgmt_show_gateway_global_use + namespace: '' + - description: Retrieve existing Internal CA object. + name: cp_mgmt_show_internal_trusted_ca + namespace: '' + - description: Retrieve existing Mobile Access Profile section using section name + or uid. + name: cp_mgmt_show_mobile_access_profile_section + namespace: '' + - description: Retrieve existing Mobile Access section using section name or uid. + name: cp_mgmt_show_mobile_access_section + namespace: '' + release_date: '2024-06-16' diff --git a/plugins/modules/cp_mgmt_add_custom_trusted_ca_certificate.py b/plugins/modules/cp_mgmt_add_custom_trusted_ca_certificate.py index ba8f66b..796ddc6 100644 --- a/plugins/modules/cp_mgmt_add_custom_trusted_ca_certificate.py +++ b/plugins/modules/cp_mgmt_add_custom_trusted_ca_certificate.py @@ -52,7 +52,7 @@ - name: add-custom-trusted-ca-certificate cp_mgmt_add_custom_trusted_ca_certificate: base64_certificate: - MIIEkzCCAnugAwIBAgIVAO5SRZQELwNNhWF+8st6ox9uXYgeMA0GCSqGSIb3DQEBCwUAMIGrMQswCQYDVQQGEwJJTDEPMA0GA1UECBMGSXNyYWVsMS4wLAYDVQQKEyVDaGVja1BvaW50IFNvZnR3YXJlIF + "MIIEkzCCAnugAwIBAgIVAO5SRZQELwNNhWF+8st6ox9uXYgeMA0GCSqGSIb3DQEBCwUAMIGrMQswCQYDVQQGEwJJTDEPMA0GA1UECBMGSXNyYWVsMS4wLAYDVQQKEyVDaGVja1BvaW50IFNvZnR3YXJlIF lY2hub2xvZ2llcyBMVEQuMQwwCgYDVQQLEwNNSVMxIjAgBgNVBAMTGUNoZWNrUG9pbnQtU1NMLUluc3BlY3Rpb24xKTAnBgkqhkiG9w0BCQEWGmlsX3NlY3VyaXR5QGNoZWNrcG9pbnQuY29tMB4XDTIzM MxMzAwMDAwMFoXDTIzMDYxMTIzNTk1OVowbzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcTCk1lbmxvIFBhcmsxHTAbBgNVBAoTFE1ldGEgUGxhdGZvcm1zLCBJbmMuMRcw QYDVQQDDA4qLndoYXRzYXBwLm5ldDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPjo05vRHAJYYWx55SOu2b1ZIQPOOtJNipSBXf1BFBDQhrkp20YTA296MzKii2j3TgVi/1t44cW5mD1RWobfAQujgbM @@ -62,7 +62,7 @@ X0MiEv0UaAzwS3adWAZbD7R42u+xNCpX8iUyiwp2UvMf0l/+Q8CAtw4D5s/8hD7Vqvrv4H/ZfV7SrZ+rPrihi01t6LlcpZ2YMucX/tSgDzkjYWmT26V2OgRklM0aQWvHD3DVpghIJfI2swAAJJ5wvqwcJe WHAQb3aQZgHXjGF/LyBYCQsohTHUL7rhL8CxNlDTNhN2e+NRFGYGer157RCmM8xKroe3/X9pYifbzyEWInqQ+ycmLsQyAd7pPW+W1K1tlk9Niqk3dNQ10daYGau3IPWF5+iHtOlWjLcQrSj60Uv7Ebi0E+ Oe0tDabunCj6SEauGFxeJhM9xUZnOwb5wqIt+uGqPQ9WRJLehqwdFhiWOqwUfNcksn7l0M6e9Mnkh1J2kGxamQ0bvK7ftpm5O8MTAft0y882IfC++Zuk4gLhQoeE3s6877/rrHRJB/H8ZUaaBxAi2qH0NZ - ParXUxOkil5rVgFqI= + ParXUxOkil5rVgFqI=" """ RETURN = """ diff --git a/plugins/modules/cp_mgmt_external_trusted_ca.py b/plugins/modules/cp_mgmt_external_trusted_ca.py index 51b19dc..19bd1d5 100644 --- a/plugins/modules/cp_mgmt_external_trusted_ca.py +++ b/plugins/modules/cp_mgmt_external_trusted_ca.py @@ -109,26 +109,26 @@ - name: add-external-trusted-ca cp_mgmt_external_trusted_ca: base64_certificate: - MIICujCCAaKgAwIBAgIIP1+IHWHbl0EwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UEAxMJd3d3LnouY29tMB4XDTIzMTEyOTEyMzAwMFoXDTI0MTEyMDE2MDAwMFowFDESMBAGA1UEAxMJd3d3LnouY29tMI + "MIICujCCAaKgAwIBAgIIP1+IHWHbl0EwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UEAxMJd3d3LnouY29tMB4XDTIzMTEyOTEyMzAwMFoXDTI0MTEyMDE2MDAwMFowFDESMBAGA1UEAxMJd3d3LnouY29tMI BIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBreRGuq8u43GBog+ZaAnaR8ZF8cT2ppvtd3JoFmzTOQivLIt9sNtFYqEgHCtnNkKn9TRrxN14YscHgKIxfDSVlC9Rh0rrBvWgFqcm715Whr99Ogx JbYFkusFWJarSejIFx4n6MM48MJxLdtCP6Hy1G2cj1BCiCHj4i3VIVaDE/aMkSqJbYEvf+vFqUWxY8/uEuKI/HGhI7mhUPW4NSGL0Oafz5eEFVsxqV5NA19/JJZ9NajSkyANnaNL5raxGV0oeqaE3JB3lS ZfWbH6mQsToUxxwIQfsZiIBozajDdTgP3Kn4SMY0b+I/WAWgfigMSDTAIR8J1sdzGXy2w2kqQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBUgrHztHwC1E0mU5c4reMrHg+ +YRHrgJNHVIYQbL5I2TJHk9S3UZsynoMa1CO86rReOtR5xoGv4PCkyyOW+PNlWUtXF3tNgqWj/21+XzG4RBHPw89TaTxRCdo+MHX58fi07SIzKjmxfdkEi+7+HQEQluDZGViolrGBAw2rXq/SZ3q/11mNq b5ZyqyOa2u1sBF1ApvG5a/FBRTaO8gaiNelRf0PGYkuV+1HhF2XyP8Qk565d+uxUH5M7eHF2PNyVk/r/36T+x+UMql9y9iizA0ekuAjXLok1xYl3Vw4S5zXCXYtNZLOVrs+plJb7IrlElyTOAbDFuPugh0 - edz7uZ + edz7uZ" name: external_ca state: present - name: set-external-trusted-ca cp_mgmt_external_trusted_ca: base64_certificate: - MIICujCCAaKgAwIBAgIIFbLYzT2+3TMwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UEAxMJd3d3LnouY29tMB4XDTI0MDIwMTEyMzEwMFoXDTI0MTIzMTE2MDAwMFowFDESMBAGA1UEAxMJd3d3LnouY29tMI + "MIICujCCAaKgAwIBAgIIFbLYzT2+3TMwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UEAxMJd3d3LnouY29tMB4XDTI0MDIwMTEyMzEwMFoXDTI0MTIzMTE2MDAwMFowFDESMBAGA1UEAxMJd3d3LnouY29tMI BIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBreRGuq8u43GBog+ZaAnaR8ZF8cT2ppvtd3JoFmzTOQivLIt9sNtFYqEgHCtnNkKn9TRrxN14YscHgKIxfDSVlC9Rh0rrBvWgFqcm715Whr99Ogx JbYFkusFWJarSejIFx4n6MM48MJxLdtCP6Hy1G2cj1BCiCHj4i3VIVaDE/aMkSqJbYEvf+vFqUWxY8/uEuKI/HGhI7mhUPW4NSGL0Oafz5eEFVsxqV5NA19/JJZ9NajSkyANnaNL5raxGV0oeqaE3JB3lS ZfWbH6mQsToUxxwIQfsZiIBozajDdTgP3Kn4SMY0b+I/WAWgfigMSDTAIR8J1sdzGXy2w2kqQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBxaE9O/LCjKfWeugPeDPvr3Ld i1mYsgNIyN+ES1iDoJHXrBQpVzZelJRr8leFgbghGUX7Fwdh1qZ2Jw6nmD1oe/Q7jkPzTngb6dIMI/kFK4eXcS4GJ3S7yGobLB7QUKK1vrYWZdNuAzR6jMRmFECS+lPF7zlTexnwwOkATMp6lzS7xEpEhk 8eLpSQnYzvsM+rL9voU5q9MrdAJ2XaCZe4Crv75NdYU6ljD2eSYDrO148Tg480TlvT5wzBuyanKhI/Po2oLEVWU7h5tkensHKB5zvxigIr9ZkczdzVbbrRFi2jSQy+VxYWc0zCo/uO+yaKmmLfGDQEb8wZ - Y1Ml27 + Y1Ml27" crl_cache_method: expiration date name: external_ca retrieve_crl_from_http_servers: 'false' @@ -160,7 +160,7 @@ def main(): crl_cache_timeout=dict(type='int'), allow_certificates_from_branches=dict(type='bool'), branches=dict(type='list', elements='str'), - tags=dict(type='list'), + tags=dict(type='list', elements='str'), color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', diff --git a/plugins/modules/cp_mgmt_https_rule.py b/plugins/modules/cp_mgmt_https_rule.py index c7491a6..22b52e0 100644 --- a/plugins/modules/cp_mgmt_https_rule.py +++ b/plugins/modules/cp_mgmt_https_rule.py @@ -68,7 +68,6 @@ description: - Rule inspect level. "Bypass" or "Inspect". type: str - elements: str blade: description: - Blades for HTTPS Inspection. Identified by Name or UID of the blade. diff --git a/plugins/modules/cp_mgmt_import_outbound_inspection_certificate.py b/plugins/modules/cp_mgmt_import_outbound_inspection_certificate.py index 9cb446c..fb612ec 100644 --- a/plugins/modules/cp_mgmt_import_outbound_inspection_certificate.py +++ b/plugins/modules/cp_mgmt_import_outbound_inspection_certificate.py @@ -88,7 +88,7 @@ - name: import-outbound-inspection-certificate cp_mgmt_import_outbound_inspection_certificate: base64_certificate: - MIIKSAIBAzCCCg4GCSqGSIb3DQEHAaCCCf8Eggn7MIIJ9zCCBI8GCSqGSIb3DQEHBqCCBIAwggR8AgEAMIIEdQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQILAfxjBi7DTQCAggAgIIESKgKoClNx4 + "MIIKSAIBAzCCCg4GCSqGSIb3DQEHAaCCCf8Eggn7MIIJ9zCCBI8GCSqGSIb3DQEHBqCCBIAwggR8AgEAMIIEdQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQILAfxjBi7DTQCAggAgIIESKgKoClNx4 yTQr7xfIgSBSDs0It2vVsLubNFJpbQXzJUu2WaPQPbqV3wISpWCa/auLYC9OWpTI89HFt30rVAdWCFVoty7jI6L8HjTYa8fTGyqW7PyfoGyZclmz6totsmeVWc8i7wnl9Hk8NZpLWuixNoSLQUqBoloyZE ll3i3/Z+/6mDlYkRmpCMQA2YLQm1yc/3n7Fq6grBJDro0tIIoAwIzgCdoKqIMwlDNA9c0eaHeXsP4k9WfJQbK6AyLTvHbrrNrgUyEDJQI6BCkeQwkBW2zRUHoe7s1DSQ5Rwft4koIaDcGovLES5g1gnXzm r4/23+rf4/EZszB0QvlYvZIKLQ8O2ofvZ/HK+59fxlhKEiEkW2yhezDGR9s6hZnzZ8vMutisQJ8MO0m9iKVD5AAtif/32iy5+TVIQfqgER+DYVGOuk15YF2VcZGRlQ8pSvBXIkMMUDRqjFxQfKYIMlyk6R @@ -110,7 +110,7 @@ LBJQfY/9sWyaMqSGy0/Vq4/+/CtXUZ1N5rgibYyIZ9Tvm/ndv2xBW1hYivIZZQFRbg5fWxKA5ifYejGmYCWGQynRSVCbqccw08xy5Iwnww4v5Cz5bcNyRLFOU2/bfn7SC5mcQ/Tw5ZKOQVRn88G78amMPH RqX4RzPtIwmK+B3zPJX0MHrY3w5hzPZ0UCtR2YsbYLeqsYP6b+RBLSV3wtkUZ9PgbMeu7zXSE0z1svGpjF7yWpnP47ilbxwe1YXL5+CuqN6iHFfyaP1JPYILmHdw0gzgyOdo1y4rUXgCeiCyH4vJVLts8E KpXZDMCUmujb306IOD9haFXdQHV5XlQurtw+JC7ySe9bVMrzYJv5/oPioOXMnLPI2OXYbACwlQ/UHgl5LmDlsxeairdfYTdAxajFEMB0GCSqGSIb3DQEJFDEQHg4AbQB5AGEAbABpAGEAczAjBgkqhkiG9 - 0BCRUxFgQU7cUIcmKuQKAMfwbKiKzQozUsyHwwMTAhMAkGBSsOAwIaBQAEFEFoI0QTIv2s2lR8PxS8xfiT5S06BAjANT3YLoakoAICCAA= + 0BCRUxFgQU7cUIcmKuQKAMfwbKiKzQozUsyHwwMTAhMAkGBSsOAwIaBQAEFEFoI0QTIv2s2lR8PxS8xfiT5S06BAjANT3YLoakoAICCAA=" base64_password: bXlfcGFzc3dvcmQ= is_default: 'false' name: OutboundCertificate diff --git a/plugins/modules/cp_mgmt_mobile_access_profile_rule.py b/plugins/modules/cp_mgmt_mobile_access_profile_rule.py index 3b4ed81..bae5d64 100644 --- a/plugins/modules/cp_mgmt_mobile_access_profile_rule.py +++ b/plugins/modules/cp_mgmt_mobile_access_profile_rule.py @@ -98,7 +98,6 @@ mobile_profile: Default_Profile name: Rule 1 position: 2 - state: present user_groups: - my_group state: present diff --git a/plugins/modules/cp_mgmt_mobile_access_profile_rule_facts.py b/plugins/modules/cp_mgmt_mobile_access_profile_rule_facts.py index 69ea7b5..f985b0f 100644 --- a/plugins/modules/cp_mgmt_mobile_access_profile_rule_facts.py +++ b/plugins/modules/cp_mgmt_mobile_access_profile_rule_facts.py @@ -135,7 +135,7 @@ def main(): ) argument_spec.update(checkpoint_argument_spec_for_facts) - module = AnsibleModule(argument_spec=argument_spec) + module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) api_call_object = "mobile-access-profile-rule" api_call_object_plural_version = "mobile-access-profile-rulebase" diff --git a/plugins/modules/cp_mgmt_mobile_access_rule_facts.py b/plugins/modules/cp_mgmt_mobile_access_rule_facts.py index c71c167..76586c9 100644 --- a/plugins/modules/cp_mgmt_mobile_access_rule_facts.py +++ b/plugins/modules/cp_mgmt_mobile_access_rule_facts.py @@ -135,7 +135,7 @@ def main(): ) argument_spec.update(checkpoint_argument_spec_for_facts) - module = AnsibleModule(argument_spec=argument_spec) + module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) api_call_object = "mobile-access-rule" api_call_object_plural_version = "mobile-access-rulebase" diff --git a/plugins/modules/cp_mgmt_mobile_profile.py b/plugins/modules/cp_mgmt_mobile_profile.py index a236a23..3bc0b68 100644 --- a/plugins/modules/cp_mgmt_mobile_profile.py +++ b/plugins/modules/cp_mgmt_mobile_profile.py @@ -444,15 +444,27 @@ def main(): certificate_expire_message=dict(type='str') )), data_leak_prevention=dict(type='dict', options=dict( - open_extension_with_external_app=dict(type='list', elements='str'), - share_protected_extension=dict(type='list', elements='str'), - share_unprotected_extension=dict(type='list', elements='str'), + open_extension_with_external_app=dict(type='list', elements='str', choices=['any file', 'word documents', + 'excel documents', + 'powerpoint documents', + 'any microsoft office documents', + 'media files']), + share_protected_extension=dict(type='list', elements='str', choices=['any file', 'word documents', 'excel documents', + 'powerpoint documents', + 'any microsoft office documents', 'media files']), + share_unprotected_extension=dict(type='list', elements='str', choices=['any file', 'word documents', 'excel documents', + 'powerpoint documents', + 'any microsoft office documents', 'media files']), allow_copy_paste=dict(type='bool'), block_forward_attachments=dict(type='bool'), block_screenshot=dict(type='bool'), allowed_domains_forward_attachment=dict(type='str'), - accept_protected_file_extensions=dict(type='list', elements='str'), - accept_unprotected_file_extensions=dict(type='list', elements='str'), + accept_protected_file_extensions=dict(type='list', elements='str', choices=['any file', 'word documents', 'excel documents', + 'powerpoint documents', + 'any microsoft office documents', 'media files']), + accept_unprotected_file_extensions=dict(type='list', elements='str', choices=['any file', 'word documents', 'excel documents', + 'powerpoint documents', + 'any microsoft office documents', 'media files']), allow_import_from_gallery=dict(type='bool'), allow_taking_photos_and_videos=dict(type='bool'), offer_capsule_as_viewer=dict(type='bool') @@ -479,7 +491,7 @@ def main(): session_timeout_unit=dict(type='str', choices=['weeks', 'days', 'hours', 'minutes']), activate_passcode_lock=dict(type='bool'), allow_store_credentials=dict(type='bool'), - passcode_profile=dict(type='str'), + passcode_profile=dict(type='str', no_log=False), report_jailbroken=dict(type='bool'), block_jailbroken=dict(type='str', choices=['block', 'none']), block_3rd_party_keyboard=dict(type='bool'), diff --git a/plugins/modules/cp_mgmt_network_probe.py b/plugins/modules/cp_mgmt_network_probe.py index c81cb5e..a6d30e5 100644 --- a/plugins/modules/cp_mgmt_network_probe.py +++ b/plugins/modules/cp_mgmt_network_probe.py @@ -82,14 +82,14 @@ elements: str interval: description: - - The time interval (in seconds) between each probe request.
Best Practice - The interval value should be lower than the timeout value. + - The time interval in the range of 5-300 (seconds) between each probe request. + Best Practice - The interval value should be lower than the timeout value. type: int - choices: ['5-300'] timeout: description: - - The probe expiration timeout (in seconds). If there is not a single reply within this time, the status of the probe changes to "Down". + - The probe expiration timeout in the range of 5-300 (seconds). + If there is not a single reply within this time, the status of the probe changes to "Down". type: int - choices: ['5-300'] color: description: - Color of the object. Should be one of existing colors. @@ -172,8 +172,8 @@ def main(): install_on=dict(type='list', elements='str'), protocol=dict(type='str', choices=['http', 'icmp']), tags=dict(type='list', elements='str'), - interval=dict(type='int', choices=['5-300']), - timeout=dict(type='int', choices=['5-300']), + interval=dict(type='int'), + timeout=dict(type='int'), color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', diff --git a/plugins/modules/cp_mgmt_opsec_trusted_ca.py b/plugins/modules/cp_mgmt_opsec_trusted_ca.py index 3cc7b38..348b26e 100644 --- a/plugins/modules/cp_mgmt_opsec_trusted_ca.py +++ b/plugins/modules/cp_mgmt_opsec_trusted_ca.py @@ -194,13 +194,13 @@ - name: add-opsec-trusted-ca cp_mgmt_opsec_trusted_ca: base64_certificate: - MIICwjCCAaqgAwIBAgIILdexblpVEMIwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAxMNd3d3Lm9wc2VjLmNvbTAeFw0yMzA2MjUwOTE3MDBaFw0yNTAzMzExNjAwMDBaMBgxFjAUBgNVBAMTDXd3dy5vcH + "MIICwjCCAaqgAwIBAgIILdexblpVEMIwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAxMNd3d3Lm9wc2VjLmNvbTAeFw0yMzA2MjUwOTE3MDBaFw0yNTAzMzExNjAwMDBaMBgxFjAUBgNVBAMTDXd3dy5vcH lYy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjpqCxDaVg+I1b+wqnmjjYtL3v7Tlu/YpMbsKnv+M1gRz6QFUOoSVnxKLo0A7Y4kCqa1OPcHO/LtXuok43F1YZPVKm3xWpY8FmqGqf5 uGmSwm1HPObcMjwGOyFgwpwEDF5e0UMZ7xtJF8BZ5KKBh3ZfQ1FbmbVqSUPcmOi+NE4JspPlHxX+m6es/yeSGR1A2ezKY7KePTlwVtDe8hiLrYyKG92nka5rkD1QyEIVJ0W5wrnU4nGEDIHeOfT09zroQx NLkb51sl4Tog/qw+EraVGIBe/iFnSJoDF37i2mLJqI/t8bel+aGDAxgMx1pO85OClgjPSWL0UIXGI2xrR+JAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHTs1AutAmSLHF2 RLJtrRNkso0lMyA7XI7k1TNpTk7TCZLNY0VbUliGbcl+POH4EG8ARUrftnwRDCTBd2BdJTqG2CyNADi+bw8aLvbxok7KH0GlQvGjyfq+sHK12wTl4ULNyYoAPZ01GhXOvkobROdSyjxvBVhxdVo90kj7mH v3N83huNhfstDFUBcQCmMkbLuzDUZrl2a1OtqlOdNC6mNvb7Jq9W9vRxGA514e7jqyoM+PwHu5fILx/jmGT8suOUnvbtcDdFhjqixAPer6uSPR0CSbiJvuDy72DPH5mjZK5dQKewNYOZ/BQEsRIBe+Q6eG - oJqi+cD63cwlw0DCc= + oJqi+cD63cwlw0DCc=" name: opsec_ca state: present diff --git a/plugins/modules/cp_mgmt_opsec_trusted_ca_facts.py b/plugins/modules/cp_mgmt_opsec_trusted_ca_facts.py index bdc7fd1..485336a 100644 --- a/plugins/modules/cp_mgmt_opsec_trusted_ca_facts.py +++ b/plugins/modules/cp_mgmt_opsec_trusted_ca_facts.py @@ -125,7 +125,7 @@ def main(): ) argument_spec.update(checkpoint_argument_spec_for_facts) - module = AnsibleModule(argument_spec=argument_spec) + module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) api_call_object = "opsec-trusted-ca" api_call_object_plural_version = "opsec-trusted-cas" diff --git a/plugins/modules/cp_mgmt_passcode_profile.py b/plugins/modules/cp_mgmt_passcode_profile.py index b0cfd50..180686b 100644 --- a/plugins/modules/cp_mgmt_passcode_profile.py +++ b/plugins/modules/cp_mgmt_passcode_profile.py @@ -163,17 +163,17 @@ def main(): argument_spec = dict( name=dict(type='str', required=True), allow_simple_passcode=dict(type='bool'), - min_passcode_length=dict(type='int'), + min_passcode_length=dict(type='int', no_log=True), require_alphanumeric_passcode=dict(type='bool'), - min_passcode_complex_characters=dict(type='int'), + min_passcode_complex_characters=dict(type='int', no_log=True), force_passcode_expiration=dict(type='bool'), passcode_expiration_period=dict(type='int'), enable_inactivity_time_lock=dict(type='bool'), max_inactivity_time_lock=dict(type='int'), enable_passcode_failed_attempts=dict(type='bool'), - max_passcode_failed_attempts=dict(type='int'), + max_passcode_failed_attempts=dict(type='int', no_log=True), enable_passcode_history=dict(type='bool'), - passcode_history=dict(type='int'), + passcode_history=dict(type='int', no_log=True), tags=dict(type='list', elements='str'), color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', diff --git a/plugins/modules/cp_mgmt_set_cp_trusted_ca_certificate.py b/plugins/modules/cp_mgmt_set_cp_trusted_ca_certificate.py index 8ba2d9f..7ef9de9 100644 --- a/plugins/modules/cp_mgmt_set_cp_trusted_ca_certificate.py +++ b/plugins/modules/cp_mgmt_set_cp_trusted_ca_certificate.py @@ -56,6 +56,7 @@ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER. type: list + elements: str extends_documentation_fragment: check_point.mgmt.checkpoint_commands """ @@ -82,7 +83,7 @@ def main(): name=dict(type='str', required=True), status=dict(type='str', choices=['enabled', 'disabled']), details_level=dict(type='str', choices=['uid', 'standard', 'full']), - domains_to_process=dict(type='list') + domains_to_process=dict(type='list', elements='str') ) argument_spec.update(checkpoint_argument_spec_for_commands)