paloaltonetworks.panos.panos_commit_panorama module – Commit Panorama’s candidate configuration.

Note

This module is part of the paloaltonetworks.panos collection (version 2.19.1).

To install it, use: ansible-galaxy collection install paloaltonetworks.panos. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: paloaltonetworks.panos.panos_commit_panorama.

New in paloaltonetworks.panos 2.0.0

Synopsis

  • Module that will commit the candidate configuration on a Panorama instance.

  • The new configuration will become active immediately.

Requirements

The below requirements are needed on the host that executes this module.

  • pan-os-python

Parameters

Parameter

Comments

admins

list / elements=string

Commit only the changes made by specified list of administrators.

description

string

A description of the commit.

device_groups

list / elements=string

Commit changes made to these device groups.

exclude_device_and_network

boolean

Exclude network and device configuration changes.

Choices:

exclude_shared_objects

boolean

Exclude shared object configuration changes.

Choices:

force

boolean

Force the commit.

Choices:

log_collector_groups

list / elements=string

Commit changes made to these log collector groups.

log_collectors

list / elements=string

Commit changes made to these log collectors.

provider

dictionary / required

added in paloaltonetworks.panos 1.0.0

A dict object containing connection details.

api_key

string

The API key to use instead of generating it using username / password.

ip_address

string / required

The IP address or hostname of the PAN-OS device being configured.

password

string

The password to use for authentication. This is ignored if api_key is specified.

port

integer

The port number to connect to the PAN-OS device on.

Default: :ansible-option-default:`443`

serial_number

string

The serial number of a firewall to use for targeted commands. If ip_address is not a Panorama PAN-OS device, then this param is ignored.

username

string

The username to use for authentication. This is ignored if api_key is specified.

Default: :ansible-option-default:`"admin"`

sync

boolean

Wait for the commit to complete.

Choices:

template_stacks

list / elements=string

Commit changes made to these template stacks.

templates

list / elements=string

Commit changes made to these templates.

wildfire_appliances

list / elements=string

Commit changes made to these WildFire appliances.

wildfire_clusters

list / elements=string

Commit changes made to these WildFire clusters.

Examples

- name: commit candidate configs on panorama
  paloaltonetworks.panos.panos_commit_panorama:
    provider: '{{ credentials }}'

- name: commit changes by specified admins on panorama
  paloaltonetworks.panos.panos_commit_panorama:
    provider: '{{ credentials }}'
    admins: ['netops', 'secops', 'cloudops']
    description: 'Saturday change window'

- name: commit specific device group changes on panorama
  paloaltonetworks.panos.panos_commit_panorama:
    provider: '{{ credentials }}'
    device_groups: ['production', 'development', 'testing']

- name: commit log collector group changes on panorama
  paloaltonetworks.panos.panos_commit_panorama:
    provider: '{{ credentials }}'
    log_collector_groups: ['us-west-loggers', 'apac-loggers', 'latam-loggers']
    description: 'Log collector changes'

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

details

string

Commit job completion messages.

Returned: on success

Sample: :ansible-rv-sample-value:`"Configuration committed successfully"`

jobid

integer

The ID of the PAN-OS commit job.

Returned: always

Sample: :ansible-rv-sample-value:`49152`

Authors

  • Robert Hagen (@stealthllama)