Try SpotterRemoved in 2.12
Reason:Consolidating code base. | Alternative:Use U(https://galaxy.ansible.com/PaloAltoNetworks/paloaltonetworks) instead.
create/read/update/delete object in PAN-OS or Panorama
Authors: Bob Hagen (@rnh556)
deprecated | supported by community
Install with ansible-galaxy collection install community.general:==0.1.1
collections:
- name: community.general
version: 0.1.1Policy objects form the match criteria for policy rules and many other functions in PAN-OS. These may include address object, address groups, service objects, service groups, and tag.
- name: search for shared address object
panos_object:
ip_address: '{{ ip_address }}'
username: '{{ username }}'
password: '{{ password }}'
operation: 'find'
address: 'DevNet'
- name: create an address group in devicegroup using API key
panos_object:
ip_address: '{{ ip_address }}'
api_key: '{{ api_key }}'
operation: 'add'
addressgroup: 'Prod_DB_Svrs'
static_value: ['prod-db1', 'prod-db2', 'prod-db3']
description: 'Production DMZ database servers'
tag_name: 'DMZ'
devicegroup: 'DMZ Firewalls'
- name: create a global service for TCP 3306
panos_object:
ip_address: '{{ ip_address }}'
api_key: '{{ api_key }}'
operation: 'add'
serviceobject: 'mysql-3306'
destination_port: '3306'
protocol: 'tcp'
description: 'MySQL on tcp/3306'
- name: create a global tag
panos_object:
ip_address: '{{ ip_address }}'
username: '{{ username }}'
password: '{{ password }}'
operation: 'add'
tag_name: 'ProjectX'
color: 'yellow'
description: 'Associated with Project X'
- name: delete an address object from a devicegroup using API key
panos_object:
ip_address: '{{ ip_address }}'
api_key: '{{ api_key }}'
operation: 'delete'
addressobject: 'Win2K test'
color:
choices:
- red
- green
- blue
- yellow
- copper
- orange
- purple
- gray
- light green
- cyan
- light gray
- blue gray
- lime
- black
- gold
- brown
description: '- The color of the tag object. Valid values are I(red, green, blue,
yellow, copper, orange, purple, gray, light green, cyan, light gray, blue gray,
lime, black, gold, and brown).
'
address:
description:
- The IP address of the host or network in CIDR notation.
api_key:
description:
- API key that can be used instead of I(username)/I(password) credentials.
password:
description:
- Password credentials to use for authentication.
required: true
protocol:
choices:
- tcp
- udp
description:
- The IP protocol to be used in a service object definition. Valid values are I(tcp)
or I(udp).
services:
description:
- The group of service objects used in a servicegroup definition.
tag_name:
description:
- The name of an object or rule tag.
username:
default: admin
description:
- Username credentials to use for authentication.
operation:
choices:
- add
- update
- delete
- find
description:
- The operation to be performed. Supported values are I(add)/I(delete)/I(find).
required: true
ip_address:
description:
- IP address (or hostname) of PAN-OS device or Panorama management console being configured.
required: true
description:
description:
- The description of the object.
devicegroup:
description: '- The name of the Panorama device group. The group must exist on Panorama.
If device group is not defined it is assumed that we are contacting a firewall.
'
source_port:
description:
- The source port to be used in a service object definition.
address_type:
choices:
- ip-netmask
- ip-range
- fqdn
default: ip-netmask
description:
- The type of address object definition. Valid types are I(ip-netmask) and I(ip-range).
addressgroup:
description:
- A static group of address objects or dynamic address group.
servicegroup:
description:
- A group of service objects.
static_value:
description:
- A group of address objects to be used in an addressgroup definition.
addressobject:
description:
- The name of the address object.
dynamic_value:
description:
- The filter match criteria to be used in a dynamic addressgroup definition.
serviceobject:
description:
- The name of the service object.
destination_port:
description:
- The destination port to be used in a service object definition.