paloaltonetworks.panos.panos_type_cmd module – Execute arbitrary TYPE commands on PAN-OS
Note
This module is part of the paloaltonetworks.panos collection (version 2.21.2).
To install it, use: ansible-galaxy collection install paloaltonetworks.panos.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: paloaltonetworks.panos.panos_type_cmd.
New in paloaltonetworks.panos 1.0.0
Synopsis
This module allows you to execute arbitrary TYPE commands on PAN-OS.
This module does not provide guards of any sort, so USE AT YOUR OWN RISK.
Refer to the PAN-OS and Panorama API guide for more info.
Requirements
The below requirements are needed on the host that executes this module.
pan-python
pandevice
Parameters
Parameter |
Comments |
|---|---|
Deprecated Use provider to specify PAN-OS connectivity instead. The API key to use instead of generating it using username / password. |
|
Used in cmd=move. The reference object. |
|
Used in cmd=set, cmd=edit, and cmd=override. The element payload. |
|
A dict of extra params to pass in. |
|
Deprecated Use provider to specify PAN-OS connectivity instead. The IP address or hostname of the PAN-OS device being configured. |
|
Used in cmd=rename and cmd=clone. The new name. |
|
Deprecated Use provider to specify PAN-OS connectivity instead. The password to use for authentication. This is ignored if api_key is specified. |
|
Deprecated Use provider to specify PAN-OS connectivity instead. The port number to connect to the PAN-OS device on. Default: :ansible-option-default:`443` |
|
A dict object containing connection details. |
|
The API key to use instead of generating it using username / password. |
|
The IP address or hostname of the PAN-OS device being configured. |
|
The password to use for authentication. This is ignored if api_key is specified. |
|
The port number to connect to the PAN-OS device on. Default: :ansible-option-default:`443` |
|
The serial number of a firewall to use for targeted commands. If ip_address is not a Panorama PAN-OS device, then this param is ignored. |
|
The username to use for authentication. This is ignored if api_key is specified. Default: :ansible-option-default:`"admin"` |
|
Deprecated Use provider to specify PAN-OS connectivity instead. The username to use for authentication. This is ignored if api_key is specified. Default: :ansible-option-default:`"admin"` |
|
Used in cmd=move. The movement keyword. |
|
The XPATH. All newlines are removed from the XPATH to allow for shorter lines. |
|
Used in cmd=clone. The from xpath. |
Notes
Note
Panorama is supported.
Check mode is not supported.
PAN-OS connectivity should be specified using provider or the classic PAN-OS connectivity params (ip_address, username, password, api_key, and port). If both are present, then the classic params are ignored.
Examples
- name: Create an address object using set.
paloaltonetworks.panos.panos_type_cmd:
provider: '{{ provider }}'
xpath: |
/config/devices/entry[@name='localhost.localdomain']
/vsys/entry[@name='vsys1']
/address
element: |
<entry name="sales-block">
<ip-netmask>192.168.55.0/24</ip-netmask>
<description>Address CIDR for sales org</description>
</entry>
- name: Then rename it.
paloaltonetworks.panos.panos_type_cmd:
provider: '{{ provider }}'
cmd: 'rename'
xpath: |
/config/devices/entry[@name='localhost.localdomain']
/vsys/entry[@name='vsys1']
/address/entry[@name='sales-block']
new_name: 'dmz-block'
- name: Show the address object.
paloaltonetworks.panos.panos_type_cmd:
provider: '{{ provider }}'
cmd: 'show'
xpath: |
/config/devices/entry[@name='localhost.localdomain']
/vsys/entry[@name='vsys1']
/address/entry[@name='dmz-block']
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
output (if any) of the given API command as JSON formatted string Returned: success |
|
output of the given API command as an XML formatted string Returned: success |