Checkpoint access rule facts (#49933)

* Add checkpoint access rule facts module

* Add docstrings and rebase with devel

* Add ANSIBLE_METADATA
This commit is contained in:
Ricardo Carrillo Cruz 2019-01-11 11:36:02 +01:00 committed by GitHub
parent 13d94ed681
commit 12e0da4f20
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -0,0 +1,107 @@
#!/usr/bin/python
#
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'network'}
DOCUMENTATION = """
---
module: checkpoint_access_rule_facts
short_description: Get access rules objects facts on Checkpoint over Web Services API
description:
- Get access rules objects facts on Checkpoint devices.
All operations are performed over Web Services API.
version_added: "2.8"
author: "Ansible by Red Hat (@rcarrillocruz)"
options:
name:
description:
- Name of the access rule. If not provided, UID is required.
type: str
uid:
description:
- UID of the access rule. If not provided, name is required.
type: str
layer:
description:
- Layer the access rule is attached to.
required: True
type: str
"""
EXAMPLES = """
- name: Create access rule
checkpoint_access_rule_facts:
layer: Network
name: "Drop attacker"
"""
RETURN = """
ansible_facts:
description: The checkpoint access rule object facts.
returned: always.
type: list
"""
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.connection import Connection
from ansible.module_utils.six.moves.urllib.error import HTTPError
import json
def get_access_rule(module, connection):
name = module.params['name']
uid = module.params['uid']
layer = module.params['layer']
if uid:
payload = {'uid': uid, 'layer': layer}
elif name:
payload = {'name': name, 'layer': layer}
code, response = connection.send_request('/web_api/show-access-rule', payload)
return code, response
def main():
argument_spec = dict(
name=dict(type='str'),
uid=dict(type='str'),
layer=dict(type='str', required=True),
)
module = AnsibleModule(argument_spec=argument_spec)
connection = Connection(module._socket_path)
code, response = get_access_rule(module, connection)
if code == 200:
module.exit_json(ansible_facts=dict(checkpoint_access_rules=response))
else:
module.fail_json(msg='Checkpoint device returned error {0} with message {1}'.format(code, response))
if __name__ == '__main__':
main()