panos_dag – create a dynamic address group¶
New in version 2.3.
DEPRECATED¶
- Removed in Ansible
version: 2.12
- Why
This module’s functionality is a subset of panos_address_group.
- Alternative
Use panos_address_group instead.
Synopsis¶
NOTE: The modules in this role are deprecated in favour of the modules in the collection https://paloaltonetworks.github.io/pan-os-ansible
Create a dynamic address group object in the firewall used for policy rules
Requirements¶
The below requirements are needed on the host that executes this module.
pan-python can be obtained from PyPI https://pypi.python.org/pypi/pan-python
pandevice can be obtained from PyPI https://pypi.python.org/pypi/pandevice
Parameters¶
Parameter | Choices/Defaults | Comments |
---|---|---|
api_key
-
|
API key that can be used instead of username/password credentials.
|
|
commit
-
|
Default: "yes"
|
commit if changed
|
dag_match_filter
-
/ required
|
Default: null
|
dynamic filter user by the dynamic address group
|
dag_name
-
/ required
|
Default: null
|
name of the dynamic address group
|
description
-
|
The description of the object.
|
|
devicegroup
-
|
Default: "None"
|
The name of the Panorama device group. The group must exist on Panorama. If device group is not defined it is assumed that we are contacting a firewall.
|
ip_address
-
/ required
|
Default: null
|
IP address (or hostname) of PAN-OS device
|
operation
-
/ required
|
Default: null
|
The operation to perform Supported values are add/list/delete.
|
password
-
/ required
|
Default: null
|
password for authentication
|
tag_name
-
|
Default: null
|
Add administrative tags to the DAG
|
username
-
|
Default: "admin"
|
username for authentication
|
Examples¶
- name: dag
panos_dag:
ip_address: "192.168.1.1"
password: "admin"
dag_name: "dag-1"
dag_match_filter: "'aws-tag.aws:cloudformation:logical-id.ServerInstance' and 'instanceState.running'"
description: 'Add / create dynamic address group to allow access to SaaS Applications'
operation: 'add'
Status¶
This module will be removed in version 2.12. [deprecated]
For more information see DEPRECATED.