community.network.panos_set – Execute arbitrary commands on a PAN-OS device using XPath and element

Note

This plugin is part of the community.network collection (version 1.3.2).

To install it use: ansible-galaxy collection install community.network.

To use it in a playbook, specify: community.network.panos_set.

DEPRECATED

Removed in

version 2.0.0

Why

Consolidating code base.

Alternative

Use https://galaxy.ansible.com/PaloAltoNetworks/paloaltonetworks instead.

Synopsis

  • Run an arbitrary ‘xapi’ command taking an XPath (i.e get) or XPath and element (i.e set).

  • See https://github.com/kevinsteves/pan-python/blob/master/doc/pan.xapi.rst for details

  • Runs a ‘set’ command by default

  • This should support _all_ commands that your PAN-OS device accepts vi it’s cli

  • cli commands are found as

  • Once logged in issue ‘debug cli on’

  • Enter configuration mode by issuing ‘configure’

  • Enter your set (or other) command, for example ‘set deviceconfig system timezone Australia/Melbourne’

  • returns

  • “<request cmd=”set” obj=”/config/devices/entry[@name=’localhost.localdomain’]/deviceconfig/system” cookie=XXXX><timezone>Australia/Melbourne</timezone></request>

  • The ‘xpath’ is “/config/devices/entry[@name=’localhost.localdomain’]/deviceconfig/system”

  • The ‘element’ is “<timezone>Australia/Melbourne</timezone>”

Requirements

The below requirements are needed on the host that executes this module.

  • pan-python

Parameters

Parameter Choices/Defaults Comments
command
string
    Choices:
  • set ←
  • edit
  • delete
  • get
  • show
  • override
Xapi method name which supports 'xpath' or 'xpath' and 'element'
element
string
The 'element' for the 'xpath' if required
ip_address
string / required
IP address or host FQDN of the target PAN-OS NVA
password
string / required
Password for the given 'username'
username
string
Default:
"admin"
User name for a user with admin rights on the PAN-OS NVA
xpath
string / required
The 'xpath' for the commands configurable

Examples

- name: Set timezone on PA NVA
  community.network.panos_set:
    ip_address: "192.168.1.1"
    username: "my-random-admin"
    password: "admin1234"
    xpath: "/config/devices/entry/deviceconfig/system"
    element: "<timezone>Australia/Melbourne</timezone>"

- name: Commit configuration
  panos_commit:
    ip_address: "192.168.1.1"
    username: "my-random-admin"
    password: "admin1234"

Status

  • This module will be removed in version 2.0.0. [deprecated]

  • For more information see DEPRECATED.

Authors

  • Jasper Mackenzie (@spmp)