paloaltonetworks.panos.panos_bgp_auth module – Manage a BGP Authentication Profile

Note

This module is part of the paloaltonetworks.panos collection (version 2.21.2).

To install it, use: ansible-galaxy collection install paloaltonetworks.panos. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: paloaltonetworks.panos.panos_bgp_auth.

New in paloaltonetworks.panos 1.0.0

Synopsis

• Use BGP to publish and consume routes from disparate networks.

Requirements

The below requirements are needed on the host that executes this module.

• pan-python can be obtained from PyPI https://pypi.python.org/pypi/pan-python

• pandevice can be obtained from PyPI https://pypi.python.org/pypi/pandevice

Parameters

Parameter	Comments
api_key string	Deprecated Use provider to specify PAN-OS connectivity instead. The API key to use instead of generating it using username / password.
commit boolean	Deprecated Please use paloaltonetworks.panos.panos_commit_firewall, paloaltonetworks.panos.panos_commit_panorama, paloaltonetworks.panos.panos_commit_push instead. Commit changes after creating object. If ip_address is a Panorama device, and device_group or template are also set, perform a commit to Panorama and a commit-all to the device group/template. Choices: :ansible-option-choices-entry:`false` :ansible-option-choices-entry:`true`
gathered_filter string	When state=gathered. An advanced filtering option to filter results returned from PAN-OS. Refer to the guide discussing gathered_filter for more information.
ip_address string	Deprecated Use provider to specify PAN-OS connectivity instead. The IP address or hostname of the PAN-OS device being configured.
name string	Name of Authentication Profile.
password string	Deprecated Use provider to specify PAN-OS connectivity instead. The password to use for authentication. This is ignored if api_key is specified.
port integer	Deprecated Use provider to specify PAN-OS connectivity instead. The port number to connect to the PAN-OS device on. Default: :ansible-option-default:`443`
provider dictionary added in paloaltonetworks.panos 1.0.0	A dict object containing connection details.
api_key string	The API key to use instead of generating it using username / password.
ip_address string	The IP address or hostname of the PAN-OS device being configured.
password string	The password to use for authentication. This is ignored if api_key is specified.
port integer	The port number to connect to the PAN-OS device on. Default: :ansible-option-default:`443`
serial_number string	The serial number of a firewall to use for targeted commands. If ip_address is not a Panorama PAN-OS device, then this param is ignored.
username string	The username to use for authentication. This is ignored if api_key is specified. Default: :ansible-option-default:`"admin"`
replace boolean	Deprecated This is the behavior of state=present, so this can safely be removed from your playbooks. The secret is encrypted so the state cannot be compared. This option forces removal of a matching item before applying the new config. Choices: :ansible-option-choices-entry:`false` :ansible-option-choices-entry:`true`
secret string	Secret.
state string	The state. Choices: :ansible-option-choices-entry-default:`"present"` ← (default) :ansible-option-choices-entry:`"absent"` :ansible-option-choices-entry:`"replaced"` :ansible-option-choices-entry:`"merged"` :ansible-option-choices-entry:`"deleted"` :ansible-option-choices-entry:`"gathered"`
template string	(Panorama only) The template this operation should target. Mutually exclusive with template_stack.
template_stack string	(Panorama only) The template stack this operation should target. Mutually exclusive with template.
username string	Deprecated Use provider to specify PAN-OS connectivity instead. The username to use for authentication. This is ignored if api_key is specified. Default: :ansible-option-default:`"admin"`
vr_name string	Name of the virtual router, it must already exist. See paloaltonetworks.panos.panos_virtual_router. Default: :ansible-option-default:`"default"`

Notes

Note

• Checkmode is not supported.

• Panorama is supported.

• Since the secret value is encrypted in PAN-OS, there is no way to verify if the secret is properly set or not. Invoking this module with state=present will always apply the config to PAN-OS.

• PAN-OS connectivity should be specified using provider or the classic PAN-OS connectivity params (ip_address, username, password, api_key, and port). If both are present, then the classic params are ignored.

• If the PAN-OS to be configured is Panorama, either template or template_stack must be specified.

Examples

- name: Create BGP Authentication Profile
  paloaltonetworks.panos.panos_bgp_auth:
    provider: '{{ provider }}'
    vr_name: 'my virtual router'
    name: auth-profile-1
    secret: SuperSecretCode

Authors

• Joshua Colson (@freakinhippie)

• Garfield Lee Freeman (@shinmog)

Collection links

Issue Tracker Homepage Repository (Sources)