panos_dag – create a dynamic address group

New in version 2.3.

DEPRECATED

Removed in Ansible

version: 2.12

Why

This module’s functionality is a subset of panos_address_group.

Alternative

Use panos_address_group instead.

Synopsis

  • NOTE: The modules in this role are deprecated in favour of the modules in the collection https://paloaltonetworks.github.io/pan-os-ansible

  • Create a dynamic address group object in the firewall used for policy rules

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter Choices/Defaults Comments
api_key
-
API key that can be used instead of username/password credentials.
commit
-
Default:
"yes"
commit if changed
dag_match_filter
- / required
Default:
null
dynamic filter user by the dynamic address group
dag_name
- / required
Default:
null
name of the dynamic address group
description
-
The description of the object.
devicegroup
-
Default:
"None"
The name of the Panorama device group. The group must exist on Panorama. If device group is not defined it is assumed that we are contacting a firewall.
ip_address
- / required
Default:
null
IP address (or hostname) of PAN-OS device
operation
- / required
Default:
null
The operation to perform Supported values are add/list/delete.
password
- / required
Default:
null
password for authentication
tag_name
-
Default:
null
Add administrative tags to the DAG
username
-
Default:
"admin"
username for authentication

Examples

- name: dag
    panos_dag:
        ip_address: "192.168.1.1"
        password: "admin"
        dag_name: "dag-1"
        dag_match_filter: "'aws-tag.aws:cloudformation:logical-id.ServerInstance' and 'instanceState.running'"
        description: 'Add / create dynamic address group to allow access to SaaS Applications'
        operation: 'add'

Status

  • This module will be removed in version 2.12. [deprecated]

  • For more information see DEPRECATED.

Authors

  • Luigi Mori (@jtschichold), Ivan Bojer (@ivanbojer), Vinay Venkataraghavan (@vinayvenkat)