paloaltonetworks.panos.panos_nat_rule_facts module – Get information about a NAT rule.

Note

This module is part of the paloaltonetworks.panos collection (version 2.21.2).

To install it, use: ansible-galaxy collection install paloaltonetworks.panos. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: paloaltonetworks.panos.panos_nat_rule_facts.

New in paloaltonetworks.panos 1.0.0

DEPRECATED

Removed in:

version 3.0.0

Why:

Updating module design to network resource modules.

Alternative:

Use paloaltonetworks.panos.panos_nat_rule2 with state=gathered.

Synopsis

• Get information about one or more NAT rules.

Requirements

The below requirements are needed on the host that executes this module.

• pan-python

• pandevice

Parameters

Parameter	Comments
api_key string	Deprecated Use provider to specify PAN-OS connectivity instead. The API key to use instead of generating it using username / password.
device_group string	(Panorama only) The device group the operation should target. Default: :ansible-option-default:`"shared"`
ip_address string	Deprecated Use provider to specify PAN-OS connectivity instead. The IP address or hostname of the PAN-OS device being configured.
listing boolean	Return all rules. Mutually exclusive with rule_name, rule_regex, and uuid. Choices: :ansible-option-choices-entry:`false` :ansible-option-choices-entry:`true`
password string	Deprecated Use provider to specify PAN-OS connectivity instead. The password to use for authentication. This is ignored if api_key is specified.
port integer	Deprecated Use provider to specify PAN-OS connectivity instead. The port number to connect to the PAN-OS device on. Default: :ansible-option-default:`443`
provider dictionary added in paloaltonetworks.panos 1.0.0	A dict object containing connection details.
api_key string	The API key to use instead of generating it using username / password.
ip_address string	The IP address or hostname of the PAN-OS device being configured.
password string	The password to use for authentication. This is ignored if api_key is specified.
port integer	The port number to connect to the PAN-OS device on. Default: :ansible-option-default:`443`
serial_number string	The serial number of a firewall to use for targeted commands. If ip_address is not a Panorama PAN-OS device, then this param is ignored.
username string	The username to use for authentication. This is ignored if api_key is specified. Default: :ansible-option-default:`"admin"`
rule_name string	Name of the rule. Mutually exclusive with rule_regex, listing, and uuid.
rule_regex string	A regex to match against the rule name. Mutually exclusive with rule_name, listing, and uuid.
rulebase string	The rulebase in which the rule is to exist. If left unspecified, this defaults to rulebase=pre-rulebase for Panorama. For NGFW, this is always set to be rulebase=rulebase. Choices: :ansible-option-choices-entry:`"pre-rulebase"` :ansible-option-choices-entry:`"rulebase"` :ansible-option-choices-entry:`"post-rulebase"`
username string	Deprecated Use provider to specify PAN-OS connectivity instead. The username to use for authentication. This is ignored if api_key is specified. Default: :ansible-option-default:`"admin"`
uuid string	Match the given rule UUID (PAN-OS 9.0+). Mutually exclusive with rule_name, listing, and rule_regex.
vsys string	The vsys this object belongs to. Default: :ansible-option-default:`"vsys1"`

Notes

Note

• Checkmode is not supported.

• Panorama is supported.

• PAN-OS connectivity should be specified using provider or the classic PAN-OS connectivity params (ip_address, username, password, api_key, and port). If both are present, then the classic params are ignored.

Examples

- name: Get a list of all NAT rules
  paloaltonetworks.panos.panos_nat_rule_facts:
    provider: '{{ provider }}'
    listing: true
  register: res1

- debug:
    msg: '{{ res1.listing }}'

- name: Get the NAT rule foo
  paloaltonetworks.panos.panos_nat_rule_facts:
    provider: '{{ provider }}'
    rule_name: 'foo'
  register: res2

- debug:
    msg: '{{ res2.object }}'

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
listing list / elements=string	List of rules Returned: When listing or rule_regex is set
object complex	Single rule definition Returned: When rule_name or uuid is specified
description string	Description Returned: success
destination_ip list / elements=string	Destination addresses Returned: success
destination_zone list / elements=string	To zones Returned: success
dnat_address string	Destination NAT translated address Returned: success
dnat_port integer	Destination NAT translated port Returned: success
nat_type string	The NAT type Returned: success
rule_name string	Rule name Returned: success
service string	The service Returned: success
snat_address_type string	Type of source translation Returned: success
snat_bidirectional boolean	Bidirectional flag Returned: success
snat_dynamic_address list / elements=string	Source NAT translated address Returned: success
snat_interface string	Source NAT interface Returned: success
snat_interface_address string	SNAT interface address Returned: success
snat_static_address string	Static IP SNAT translated address Returned: success
snat_type string	Type of source translation Returned: success
source_ip list / elements=string	Source addresses Returned: success
source_zone list / elements=string	Source zone Returned: success
tag_val list / elements=string	Administrative tags for this rule Returned: success
to_interface string	Egress interface from route lookup Returned: success
uuid string	The UUID of the rule (PAN-OS 9.0+) Returned: success

Status

• This module will be removed in version 3.0.0. [deprecated]

• For more information see DEPRECATED.

Authors

• Garfield Lee Freeman (@shinmog)

Collection links

Issue Tracker Homepage Repository (Sources)