How does Ansible panos_security_rule module work with device_group parameter?

ynorvo — Thu, 01 Aug 2024 18:54:49 GMT

I am trying to gather all the security rules for the specific device_group.

Here is my playbook/YAML file:

- name: Get all security rules fromt the Panorama

paloaltonetworks.panos.panos_security_rule:

provider:

ip_address: "{{ panorama_host }}"

api_key: "{{ netops_api_key }}"

device_group: "shared"

gathered_filter: "*"

state: gathered

- name: Write the output to json file

copy:

content: "{{ panorama_sec_rules.gathered }}"

dest: "/tmp/panorama_sec_rules.json"

When I have the device_group with the default value: "shared" or not specific, the playbook works fine.

But if I changed the device_group to any specific name which I am seeing on the GUI, it returns [] / null to my local JSON file.

I am pretty sure that I have typed the proper sensitive value for the device_group, otherwise I will see some ERROR similar to

{"msg": "Device group \"united states\" is not present."}.

Any suggestions are appreciated.

Thank you!

topic How does Ansible panos_security_rule module work with device_group parameter? in Panorama Discussions