From 9cfe3b0765bb439ba937bae16302f721c411c350 Mon Sep 17 00:00:00 2001
From: chkp-edenbr <94056191+chkp-edenbr@users.noreply.github.com>
Date: Wed, 10 Jan 2024 16:56:00 +0200
Subject: [PATCH] new R81.20 JHF modules (#117)
* v5.1.3
* new R81.20 JHF modules
---
CHANGELOG.rst | 24 ++++++
changelogs/changelog.yaml | 32 ++++++-
galaxy.yml | 2 +-
plugins/module_utils/checkpoint.py | 3 +-
.../modules/cp_mgmt_add_central_license.py | 78 +++++++++++++++++
.../modules/cp_mgmt_central_license_facts.py | 86 +++++++++++++++++++
.../modules/cp_mgmt_delete_central_license.py | 77 +++++++++++++++++
.../cp_mgmt_distribute_cloud_licenses.py | 82 ++++++++++++++++++
.../cp_mgmt_show_cloud_licenses_usage.py | 71 +++++++++++++++
plugins/modules/cp_mgmt_show_ha_status.py | 71 +++++++++++++++
10 files changed, 522 insertions(+), 4 deletions(-)
create mode 100644 plugins/modules/cp_mgmt_add_central_license.py
create mode 100644 plugins/modules/cp_mgmt_central_license_facts.py
create mode 100644 plugins/modules/cp_mgmt_delete_central_license.py
create mode 100644 plugins/modules/cp_mgmt_distribute_cloud_licenses.py
create mode 100644 plugins/modules/cp_mgmt_show_cloud_licenses_usage.py
create mode 100644 plugins/modules/cp_mgmt_show_ha_status.py
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index b8dd642..d17ec07 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -4,6 +4,30 @@ Check_Point.Mgmt Release Notes
.. contents:: Topics
+
+v5.2.0
+======
+
+Release Summary
+---------------
+
+This is release 5.2.0 of ``check_point.mgmt``, released on 2024-01-10.
+
+Minor Changes
+-------------
+
+- New resource modules for R81.20 JHF Take 43
+
+New Modules
+-----------
+
+- check_point.mgmt.cp_mgmt_add_central_license - Add central license.
+- check_point.mgmt.cp_mgmt_delete_central_license - Delete central license.
+- check_point.mgmt.cp_mgmt_central_license_facts - Get central-license objects facts on Checkpoint over Web Services API.
+- check_point.mgmt.cp_mgmt_distribute_cloud_licenses - Distribute licenses to target CloudGuard gateways.
+- check_point.mgmt.cp_mgmt_show_cloud_licenses_usage - Show attached licenses usage.
+- check_point.mgmt.cp_mgmt_show_ha_status - Retrieve domain high availability status.
+
v5.1.3
======
diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml
index 3a87b8d..0a417b3 100644
--- a/changelogs/changelog.yaml
+++ b/changelogs/changelog.yaml
@@ -1051,5 +1051,33 @@ releases:
release_summary: This is release 5.1.3 of ``check_point.mgmt``, released on
2023-12-13.
fragments:
- - 5.1.2.yml
- release_date: '2022-12-13'
\ No newline at end of file
+ - 5.1.3.yml
+ release_date: '2022-12-13'
+ 5.2.0:
+ changes:
+ minor_changes:
+ - New resource modules for R81.20 JHF Take 43
+ release_summary: This is release 5.2.0 of ``check_point.mgmt``, released on
+ 2024-01-10.
+ fragments:
+ - 5.2.0.yml
+ modules:
+ - description: Add central license.
+ name: cp_mgmt_add_central_license
+ namespace: ''
+ - description: Delete central license.
+ name: cp_mgmt_delete_central_license
+ namespace: ''
+ - description: Get central-license objects facts on Checkpoint over Web Services API
+ name: cp_mgmt_central_license_facts
+ namespace: ''
+ - description: Distribute licenses to target CloudGuard gateways.
+ name: cp_mgmt_distribute_cloud_licenses
+ namespace: ''
+ - description: Show attached licenses usage.
+ name: cp_mgmt_show_cloud_licenses_usage
+ namespace: ''
+ - description: Retrieve domain high availability status.
+ name: cp_mgmt_show_ha_status
+ namespace: ''
+ release_date: '2024-01-10'
\ No newline at end of file
diff --git a/galaxy.yml b/galaxy.yml
index d48de32..98dbd9d 100644
--- a/galaxy.yml
+++ b/galaxy.yml
@@ -9,7 +9,7 @@ namespace: check_point
name: mgmt
# The version of the collection. Must be compatible with semantic versioning
-version: 5.1.3
+version: 5.2.0
# The path to the Markdown (.md) readme file. This path is relative to the root of the collection
readme: README.md
diff --git a/plugins/module_utils/checkpoint.py b/plugins/module_utils/checkpoint.py
index 5d9daf5..bc2ad43 100644
--- a/plugins/module_utils/checkpoint.py
+++ b/plugins/module_utils/checkpoint.py
@@ -264,7 +264,7 @@ def is_checkpoint_param(parameter):
def contains_show_identifier_param(payload):
- identifier_params = ["name", "uid", "assigned-domain", "task-id"]
+ identifier_params = ["name", "uid", "assigned-domain", "task-id", "signature"]
for param in identifier_params:
if payload.get(param) is not None:
return True
@@ -300,6 +300,7 @@ def get_payload_from_parameters(params):
or parameter == "server_version"
or parameter == "check_point_host_version"
or parameter == "target_version"
+ or parameter == "vsx_version"
):
parameter = "version"
diff --git a/plugins/modules/cp_mgmt_add_central_license.py b/plugins/modules/cp_mgmt_add_central_license.py
new file mode 100644
index 0000000..909fcd3
--- /dev/null
+++ b/plugins/modules/cp_mgmt_add_central_license.py
@@ -0,0 +1,78 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_add_central_license
+short_description: Add central license.
+description:
+ - Add central license.
+ - All operations are performed over Web Services API.
+version_added: "5.2.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ license:
+ description:
+ - The license string received from the User Center - without 'cplic put'.
+ type: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: add-central-license
+ cp_mgmt_add_central_license:
+ license: 192.168.1.2 never dTTTTTT-WWWWWW-SSSSSSS-QQQQQQ CPSG-VE+3 CPBS-BECE CPSB-DFW CPSM-C-2 CPSB-VPN CPSB-NPM CPSB-LOGS CPSB-IA
+ CPSB-ADNC CPSB-SSLVWPN-5 CK-66666666
+"""
+
+RETURN = """
+cp_mgmt_add_central_license:
+ description: The checkpoint add-central-license output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ license=dict(type='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "add-central-license"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/plugins/modules/cp_mgmt_central_license_facts.py b/plugins/modules/cp_mgmt_central_license_facts.py
new file mode 100644
index 0000000..d53212c
--- /dev/null
+++ b/plugins/modules/cp_mgmt_central_license_facts.py
@@ -0,0 +1,86 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_central_license_facts
+short_description: Get central-license objects facts on Checkpoint over Web Services API
+description:
+ - Get central-license objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'signature'.
+version_added: "5.2.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ signature:
+ description:
+ - The license's signature. This parameter is relevant only for getting a specific object.
+ type: str
+extends_documentation_fragment: checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-central-license
+ cp_mgmt_central_license_facts:
+ signature: dLLLLL-WWWWWW-ZZZZZZ-QQQQQQ
+
+- name: show-central-licenses
+ cp_mgmt_show_central_licenses:
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
+
+
+def main():
+ argument_spec = dict(
+ signature=dict(type='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "central-license"
+ api_call_object_plural_version = "central-licenses"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/plugins/modules/cp_mgmt_delete_central_license.py b/plugins/modules/cp_mgmt_delete_central_license.py
new file mode 100644
index 0000000..e08a9f9
--- /dev/null
+++ b/plugins/modules/cp_mgmt_delete_central_license.py
@@ -0,0 +1,77 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_delete_central_license
+short_description: Delete central license.
+description:
+ - Delete central license.
+ - All operations are performed over Web Services API.
+version_added: "5.2.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ signature:
+ description:
+ - The license's signature to be deleted.
+ type: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: delete-central-license
+ cp_mgmt_delete_central_license:
+ signature: dTTTTTT-WWWWWW-SSSSSSS-QQQQQQ
+"""
+
+RETURN = """
+cp_mgmt_delete_central_license:
+ description: The checkpoint delete-central-license output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ signature=dict(type='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "delete-central-license"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/plugins/modules/cp_mgmt_distribute_cloud_licenses.py b/plugins/modules/cp_mgmt_distribute_cloud_licenses.py
new file mode 100644
index 0000000..a381ccc
--- /dev/null
+++ b/plugins/modules/cp_mgmt_distribute_cloud_licenses.py
@@ -0,0 +1,82 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_distribute_cloud_licenses
+short_description: Distribute licenses to target CloudGuard gateways.
+description:
+ - Distribute licenses to target CloudGuard gateways. For more information, see the Central License Administration Guide.
+ - All operations are performed over Web Services API.
+version_added: "5.2.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ targets:
+ description:
+ - Targets are uid or name of the security gateway(s). In case no target specified, the license will be distributed to all CloudGuard security gateways.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: distribute-cloud-licenses
+ cp_mgmt_distribute_cloud_licenses:
+ targets:
+ - GW1
+ - GW2
+"""
+
+RETURN = """
+cp_mgmt_distribute_cloud_licenses:
+ description: The checkpoint distribute-cloud-licenses output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ targets=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "distribute-cloud-licenses"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/plugins/modules/cp_mgmt_show_cloud_licenses_usage.py b/plugins/modules/cp_mgmt_show_cloud_licenses_usage.py
new file mode 100644
index 0000000..10faf1b
--- /dev/null
+++ b/plugins/modules/cp_mgmt_show_cloud_licenses_usage.py
@@ -0,0 +1,71 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_cloud_licenses_usage
+short_description: Show attached licenses usage.
+description:
+ - Show attached licenses usage.
+ - All operations are performed over Web Services API.
+version_added: "5.2.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options: {}
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-cloud-licenses-usage
+ cp_mgmt_show_cloud_licenses_usage:
+"""
+
+RETURN = """
+cp_mgmt_show_cloud_licenses_usage:
+ description: The checkpoint show-cloud-licenses-usage output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-cloud-licenses-usage"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/plugins/modules/cp_mgmt_show_ha_status.py b/plugins/modules/cp_mgmt_show_ha_status.py
new file mode 100644
index 0000000..8ed957e
--- /dev/null
+++ b/plugins/modules/cp_mgmt_show_ha_status.py
@@ -0,0 +1,71 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_ha_status
+short_description: Retrieve domain high availability status.
+description:
+ - Retrieve domain high availability status.
+ - All operations are performed over Web Services API.
+version_added: "5.2.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options: {}
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-ha-status
+ cp_mgmt_show_ha_status:
+"""
+
+RETURN = """
+cp_mgmt_show_ha_status:
+ description: The checkpoint show-ha-status output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-ha-status"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()