Creating Custom URL categories with Terraform or Ansible

cancel
Showing results for 
Search instead for 
Did you mean: 

Creating Custom URL categories with Terraform or Ansible

L1 Bithead

I may be missing something, but I'm not seeing a way to create a custom URL category via Terraform or Ansible. We are trying to automate our Palo setups as much as possible, and from what I can tell, this is the only thing we are unable to do with it. We can create the URL filtering profiles, just not the URL categories. Anyone ran into this or know of a way to do it? I know you can create them via the API, but that's kind of a messy workaround. Just wanted to check before implementing it.

1 ACCEPTED SOLUTION

Accepted Solutions

Hey Jimmy, thanks for that. I guess I forgot to include some things. My issue was the I was unable to create the category via Terraform, but was unable to create some of the other things via Ansible, that I can create with Terraform. There was no one solution to set everything up, but I did figure out what I could do. There was only 1 thing I couldn't create via Terraform and 3 I couldn't create via Ansible, so I decided to go with Terraform. I was able to get the URL category working by creating a "null_resource" in Terraform with a provisioner to call an Ansible script.

I basically created an Ansible script with a single task of creating the URL Categories, then used the following for my Terraform script:

resource "null_resource" "whitelisted_sites" {
provisioner "local-exec" {
command = "ansible-playbook -T 300 url_categories.yml --extra-vars='{\"ip_address\": \"IP_ADDRESS\", \"username\": \"USERNAME\", \"password\": \"PASSWORD\"}'"
}
}

View solution in original post

10 REPLIES 10

L4 Transporter

Hi @Brandon99, here is the Ansible module reference for Custom URL Categories: https://paloaltonetworks.github.io/pan-os-ansible/modules/panos_custom_url_category.html. Does that help?

For the PAN-OS Terraform provider, Custom URL Categories are not yet implemented, but if you could share your use case with your account team, or via your reseller, that would be really useful, and have them forward over to us. Thanks!

Help the community: "Like" helpful comments, and click "Accept as Solution" if you found your answer 🙂

Hey Jimmy, thanks for that. I guess I forgot to include some things. My issue was the I was unable to create the category via Terraform, but was unable to create some of the other things via Ansible, that I can create with Terraform. There was no one solution to set everything up, but I did figure out what I could do. There was only 1 thing I couldn't create via Terraform and 3 I couldn't create via Ansible, so I decided to go with Terraform. I was able to get the URL category working by creating a "null_resource" in Terraform with a provisioner to call an Ansible script.

I basically created an Ansible script with a single task of creating the URL Categories, then used the following for my Terraform script:

resource "null_resource" "whitelisted_sites" {
provisioner "local-exec" {
command = "ansible-playbook -T 300 url_categories.yml --extra-vars='{\"ip_address\": \"IP_ADDRESS\", \"username\": \"USERNAME\", \"password\": \"PASSWORD\"}'"
}
}

View solution in original post

L4 Transporter

Yes, that's a way to supplement Terraform provider functionality, use a null_resource to execute another script, Ansible being one example. If you can let us know via your usual account team or reseller the use case for Custom URL Categories and have them send it to me, it helps prioritise future Terraform provider features. Thanks!

Help the community: "Like" helpful comments, and click "Accept as Solution" if you found your answer 🙂

L1 Bithead

Hey @JimmyHolland,

I'm not even sure who to go to with that to be honest. We're a small team here and as far as I know, we don't really have a reseller. 
We are just using the Palo Alto AMI from the marketplace. We do have a license for our physical Palo Altos in our offices, but I'm honestly not sure who we go through for that.

No problem, I'll send you a message directly.

Help the community: "Like" helpful comments, and click "Accept as Solution" if you found your answer 🙂

L0 Member

I'm looking for the same functionality. I'll reach out to our TAM and let them know. Should I reference this forum or is there a specific project/internal ticket I should reference? 

I've sent you a message directly @rborunda_dexcom 

Help the community: "Like" helpful comments, and click "Accept as Solution" if you found your answer 🙂

L4 Transporter

Custom URL categories will be in the next Terraform release (will be out before the end of the year).

Hello,
Could you please tell me by when exactly will this be expected ?
From your above post you hint towards the end of 2021....It would be super awesome if its done by December, I'll escape the pain of incorporating our pure terraform automation with ansible 🙂 🙂

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!