check_point.mgmt.cp_mgmt_identity_provider module – Manages identity-provider objects on Checkpoint over Web Services API
Note
This module is part of the check_point.mgmt collection (version 6.5.0).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install check_point.mgmt.
To use it in a playbook, specify: check_point.mgmt.cp_mgmt_identity_provider.
New in check_point.mgmt 6.5.0
Synopsis
Manages identity-provider objects on Checkpoint devices including creating, updating and removing objects.
All operations are performed over Web Services API.
Available from R82 JHF management version.
Parameters
Parameter |
Comments |
|---|---|
Publish the current session if changes have been performed after task completes. Choices:
|
|
Certificate file encoded in base64 based on provider data. <font color=”red”>Required only when</font> ‘data-receiving’ is set to ‘manually’. |
|
Metadata file encoded in base64 based on the provider data. <font color=”red”>Required only when</font> ‘data-receiving’ is set to ‘metadata_file’. |
|
Color of the object. Should be one of existing colors. Choices:
|
|
Comments string. |
|
Data receiving method from the SAML Identity Provider. Choices:
|
|
The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object. Choices:
|
|
Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER. |
|
Gateway for the SAML Identity Provider usage. Identified by name or UID. <font color=”red”>Required only when</font> ‘usage’ is set to ‘gateway_policy_and_logs’. |
|
Apply changes ignoring errors. You won’t be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. Choices:
|
|
Apply changes ignoring warnings. Choices:
|
|
Login URL based on the provider data. <font color=”red”>Required only when</font> ‘data-receiving’ is set to ‘manually’. |
|
Object name. |
|
Received Identifier (Entity ID) based on the provider data. <font color=”red”>Required only when</font> ‘data-receiving’ is set to ‘manually’. |
|
Service for the selected gateway. <font color=”red”>Required only when</font> ‘usage’ is set to ‘gateway_policy_and_logs’. Choices:
|
|
State of the access rule (present or absent). Choices:
|
|
Collection of tag identifiers. |
|
Usage of Identity Provider. Choices:
|
|
Version of checkpoint. If not given one, the latest version taken. |
|
Wait for the task to end. Such as publish task. Choices:
|
|
How many minutes to wait until throwing a timeout error. Default: |
Examples
- name: add-identity-provider
cp_mgmt_identity_provider:
base64_certificate: |
LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4RENDQWRpZ0F3SUJBZ0lRUTBWZVpLdVBLb0pQUWhaNGhDaWRzREFOQmdrcWhraUc5dzBCQVFzRkFEQTBNVEl3TUFZRFZRUURFeWxOYVdOeWIzTn
ablFnUVhwMWNtVWdSbVZrWlhKaGRHVmtJRk5UVHlCRFpYSjBhV1pwWTJGMFpUQWVGdzB4T0RBME1UVXhNVEl6TXpOYUZ3MHlNVEEwTVRVeE1USXpNek5hTURReE1qQXdCZ05WQkFNVEtVMXBZM0p2YzI5b
RDQkJlblZ5WlNCR1pXUmxjbUYwWldRZ1UxTlBJRU5sY25ScFptbGpZWFJsTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUE0VXVqYUd0OFhaODl2dXZ5a3lRVzVYb24vOFIv
VB0ejRhYjBNM3RNVXZHWHozVXh0V1pTRStUR1hydjN3VHRLMCs4RmtNeXVKYUhGSXBLLzRVREZpRk1yQmxzR0Z1dmtTc1p5VjIzZlNGN3paaXlUWTZUN0EwcCtnczUwNVhEOUdBYjlWYmR3R0cwK0tDVnl
c1ZRZ1YySXdKZ2l5aHF3RUNvY3dCcmFuN251SytURU5EMmwyZjlZcng1b1JNRU56NzB3bHlIMzZPWkJtdDBrNTk4L1doMEhEWUxaZW8wZHlTV3JOd3dlWXZTeEU4L01kbTQzWEV1U3pialR6ZnNNMHZVUn
GQlNyVUxFYURPMS9JUDJVcjdCc2dId1JJL3hmb3FJbUsxS2twVXEwQWxjVEFpM3YxdTl6Qy9xTGdQd0F5UUl2dzlVQ3NpcnJQQTBZMFlPaFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUURja
9qZEd6L0FJQ2pqTTBaN21ZbGdQNXpic2FRNWRDMmNqZjRESnFta21zV3VmUnBDNHNic3VoODcwY0NCS2N1dmgrb0dpekJRSHJQbTRUaEl2ZklsS0w4WGpMQVhiRnVSUG9IQWcwOHNMWGR2UFRCVE52REYx
WhvcU5zMmo2ZUZxL2ROdXF2ZUJIcjVENXRLblYyWEJHRUhFOVJFOVdUa1pRT2MwaEhtQ3dNbWNZb3JYRzhCa3l1OXFwNXhyMDZMQ0htMnJLcnI2ZENRVldBV0R0MzhiS2t5STRobTVSNTVCclR5UldSdzI
RS9YaFEwVksva1FJYW9GZ0hvaWo0ekg5bmxlZnZMbmhaZDVPRzROL29OS2pBKy9LbkVqaTdPQXhKWVNaR1FmRjU0R1AwQTE4VnF1NVVGaFBKMUZFQXZ5YjR0QnZtTzM1NFFVUys5UTY2agotLS0tLUVORC
DRVJUSUZJQ0FURS0tLS0t
data_receiving: manually
login_url: https://login.checkpointonline.com/621ac12d-4afb-479c-9c14-13e7b743cd07/saml2
name: TestIdp2
received_identifier: https://sts.checkpoint.net/621ac12d-4afb-479c-9c14-13e7b743cd07/
state: present
usage: managing_administrator_access
- name: set-identity-provider
cp_mgmt_identity_provider:
base64_certificate: |
LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4RENDQWRpZ0F3SUJBZ0lRUTBWZVpLdVBLb0pQUWhaNGhDaWRzREFOQmdrcWhraUc5dzBCQVFzRkFEQTBNVEl3TUFZRFZRUURFeWxOYVdOeWIzTn
ablFnUVhwMWNtVWdSbVZrWlhKaGRHVmtJRk5UVHlCRFpYSjBhV1pwWTJGMFpUQWVGdzB4T0RBME1UVXhNVEl6TXpOYUZ3MHlNVEEwTVRVeE1USXpNek5hTURReE1qQXdCZ05WQkFNVEtVMXBZM0p2YzI5b
RDQkJlblZ5WlNCR1pXUmxjbUYwWldRZ1UxTlBJRU5sY25ScFptbGpZWFJsTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUE0VXVqYUd0OFhaODl2dXZ5a3lRVzVYb24vOFIv
VB0ejRhYjBNM3RNVXZHWHozVXh0V1pTRStUR1hydjN3VHRLMCs4RmtNeXVKYUhGSXBLLzRVREZpRk1yQmxzR0Z1dmtTc1p5VjIzZlNGN3paaXlUWTZUN0EwcCtnczUwNVhEOUdBYjlWYmR3R0cwK0tDVnl
c1ZRZ1YySXdKZ2l5aHF3RUNvY3dCcmFuN251SytURU5EMmwyZjlZcng1b1JNRU56NzB3bHlIMzZPWkJtdDBrNTk4L1doMEhEWUxaZW8wZHlTV3JOd3dlWXZTeEU4L01kbTQzWEV1U3pialR6ZnNNMHZVUn
GQlNyVUxFYURPMS9JUDJVcjdCc2dId1JJL3hmb3FJbUsxS2twVXEwQWxjVEFpM3YxdTl6Qy9xTGdQd0F5UUl2dzlVQ3NpcnJQQTBZMFlPaFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUURja
9qZEd6L0FJQ2pqTTBaN21ZbGdQNXpic2FRNWRDMmNqZjRESnFta21zV3VmUnBDNHNic3VoODcwY0NCS2N1dmgrb0dpekJRSHJQbTRUaEl2ZklsS0w4WGpMQVhiRnVSUG9IQWcwOHNMWGR2UFRCVE52REYx
WhvcU5zMmo2ZUZxL2ROdXF2ZUJIcjVENXRLblYyWEJHRUhFOVJFOVdUa1pRT2MwaEhtQ3dNbWNZb3JYRzhCa3l1OXFwNXhyMDZMQ0htMnJLcnI2ZENRVldBV0R0MzhiS2t5STRobTVSNTVCclR5UldSdzI
RS9YaFEwVksva1FJYW9GZ0hvaWo0ekg5bmxlZnZMbmhaZDVPRzROL29OS2pBKy9LbkVqaTdPQXhKWVNaR1FmRjU0R1AwQTE4VnF1NVVGaFBKMUZFQXZ5YjR0QnZtTzM1NFFVUys5UTY2agotLS0tLUVORC
DRVJUSUZJQ0FURS0tLS0t
data_receiving: manually
login_url: https://login.checkpointonline.com/621ac12d-4afb-479c-9c14-13e7b743cd07/saml2
name: TestIdp
received_identifier: https://sts.checkpoint.net/621ac12d-4afb-479c-9c14-13e7b743cd07/
state: present
usage: managing_administrator_access
- name: delete-identity-provider
cp_mgmt_identity_provider:
name: TestIdp
state: absent
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
The checkpoint object created or updated. Returned: always, except when deleting the object. |