#!/usr/bin/python # Copyright (c) 2018, Sebastian Schenzel # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) # SPDX-License-Identifier: GPL-3.0-or-later from __future__ import annotations DOCUMENTATION = r""" module: utm_proxy_exception author: - Sebastian Schenzel (@RickS-C137) short_description: Create, update or destroy reverse_proxy exception entry in Sophos UTM description: - Create, update or destroy a reverse_proxy exception entry in SOPHOS UTM. - This module needs to have the REST Ability of the UTM to be activated. attributes: check_mode: support: none diff_mode: support: none options: name: description: - The name of the object that identifies the entry. required: true type: str op: description: - The operand to be used with the entries of the path parameter. default: 'AND' choices: - 'AND' - 'OR' type: str path: description: - The paths the exception in the reverse proxy is defined for. type: list elements: str default: [] skip_custom_threats_filters: description: - A list of threats to be skipped. type: list elements: str default: [] skip_threats_filter_categories: description: - Define which categories of threats are skipped. type: list elements: str default: [] skipav: description: - Skip the Antivirus Scanning. default: false type: bool skipbadclients: description: - Block clients with bad reputation. default: false type: bool skipcookie: description: - Skip the Cookie Signing check. default: false type: bool skipform: description: - Enable form hardening. default: false type: bool skipform_missingtoken: description: - Enable form hardening with missing tokens. default: false type: bool skiphtmlrewrite: description: - Protection against SQL. default: false type: bool skiptft: description: - Enable true file type control. default: false type: bool skipurl: description: - Enable static URL hardening. default: false type: bool source: description: - Define which categories of threats are skipped. type: list elements: str default: [] status: description: - Status of the exception rule set. default: true type: bool extends_documentation_fragment: - community.general.utm - community.general.attributes """ EXAMPLES = r""" - name: Create UTM proxy_exception community.general.utm_proxy_exception: utm_host: sophos.host.name utm_token: abcdefghijklmno1234 name: TestExceptionEntry backend: REF_OBJECT_STRING state: present - name: Remove UTM proxy_exception community.general.utm_proxy_exception: utm_host: sophos.host.name utm_token: abcdefghijklmno1234 name: TestExceptionEntry state: absent """ RETURN = r""" result: description: The utm object that was created. returned: success type: complex contains: _ref: description: The reference name of the object. type: str _locked: description: Whether or not the object is currently locked. type: bool _type: description: The type of the object. type: str name: description: The name of the object. type: str comment: description: The optional comment string. type: str op: description: The operand to be used with the entries of the path parameter. type: str path: description: The paths the exception in the reverse proxy is defined for. type: list skip_custom_threats_filters: description: A list of threats to be skipped. type: list skip_threats_filter_categories: description: Define which categories of threats are skipped. type: list skipav: description: Skip the Antivirus Scanning. type: bool skipbadclients: description: Block clients with bad reputation. type: bool skipcookie: description: Skip the Cookie Signing check. type: bool skipform: description: Enable form hardening. type: bool skipform_missingtoken: description: Enable form hardening with missing tokens. type: bool skiphtmlrewrite: description: Protection against SQL. type: bool skiptft: description: Enable true file type control. type: bool skipurl: description: Enable static URL hardening. type: bool source: description: Define which categories of threats are skipped. type: list """ from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule def main(): endpoint = "reverse_proxy/exception" key_to_check_for_changes = [ "op", "path", "skip_custom_threats_filters", "skip_threats_filter_categories", "skipav", "comment", "skipbadclients", "skipcookie", "skipform", "status", "skipform_missingtoken", "skiphtmlrewrite", "skiptft", "skipurl", "source", ] module = UTMModule( argument_spec=dict( name=dict(type="str", required=True), op=dict(type="str", default="AND", choices=["AND", "OR"]), path=dict(type="list", elements="str", default=[]), skip_custom_threats_filters=dict(type="list", elements="str", default=[]), skip_threats_filter_categories=dict(type="list", elements="str", default=[]), skipav=dict(type="bool", default=False), skipbadclients=dict(type="bool", default=False), skipcookie=dict(type="bool", default=False), skipform=dict(type="bool", default=False), skipform_missingtoken=dict(type="bool", default=False), skiphtmlrewrite=dict(type="bool", default=False), skiptft=dict(type="bool", default=False), skipurl=dict(type="bool", default=False), source=dict(type="list", elements="str", default=[]), status=dict(type="bool", default=True), ) ) try: UTM(module, endpoint, key_to_check_for_changes).execute() except Exception as e: module.fail_json(msg=f"{e}") if __name__ == "__main__": main()