cp_mgmt_administrator – Manages administrator objects on Check Point over Web Services API¶
New in version 2.9.
Synopsis¶
Manages administrator objects on Check Point devices including creating, updating and removing objects.
All operations are performed over Web Services API.
Parameters¶
Parameter | Choices/Defaults | Comments | |
---|---|---|---|
authentication_method
string
|
|
Authentication method.
|
|
auto_publish_session
boolean
|
|
Publish the current session if changes have been performed after task completes.
|
|
color
string
|
|
Color of the object. Should be one of existing colors.
|
|
comments
string
|
Comments string.
|
||
details_level
string
|
|
The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object.
|
|
email
string
|
Administrator email.
|
||
expiration_date
string
|
Format, YYYY-MM-DD, YYYY-mm-ddThh,mm,ss.
|
||
ignore_errors
boolean
|
|
Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
|
|
ignore_warnings
boolean
|
|
Apply changes ignoring warnings.
|
|
multi_domain_profile
string
|
Administrator multi-domain profile.
|
||
must_change_password
boolean
|
|
True if administrator must change password on the next login.
|
|
name
string
/ required
|
Object name.
|
||
password
string
|
Administrator password.
|
||
password_hash
string
|
Administrator password hash.
|
||
permissions_profile
list
|
Administrator permissions profile. Permissions profile should not be provided when multi-domain-profile is set to "Multi-Domain Super User" or "Domain Super User".
|
||
profile
string
|
Permission profile.
|
||
phone_number
string
|
Administrator phone number.
|
||
radius_server
string
|
RADIUS server object identified by the name or UID. Must be set when "authentication-method" was selected to be "RADIUS".
|
||
state
string
|
|
State of the access rule (present or absent). Defaults to present.
|
|
tacacs_server
string
|
TACACS server object identified by the name or UID. Must be set when "authentication-method" was selected to be "TACACS".
|
||
tags
list
|
Collection of tag identifiers.
|
||
version
string
|
Version of checkpoint. If not given one, the latest version taken.
|
||
wait_for_task
boolean
|
|
Wait for the task to end. Such as publish task.
|
Examples¶
- name: add-administrator
cp_mgmt_administrator:
authentication_method: INTERNAL_PASSWORD
email: admin@gmail.com
must_change_password: false
name: admin
password: secret
permissions_profile: read write all
phone_number: 1800-800-800
state: present
- name: set-administrator
cp_mgmt_administrator:
name: admin
password: bew secret
permissions_profile: read only profile
state: present
- name: delete-administrator
cp_mgmt_administrator:
name: admin
state: absent
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
cp_mgmt_administrator
dictionary
|
always, except when deleting the object. |
The checkpoint object created or updated.
|
Status¶
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Community. [community]
Authors¶
Or Soffer (@chkp-orso)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.