This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

How to add new objects to a Panos_address_group

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to add new objects to a Panos_address_group

Go to solution
RobertNunez
L1 Bithead

‎05-21-2019 12:21 PM

Hi Folks,

 

I see that "Panos_address_group" can help you to create groups with a list of "static_values"; however, how do you "add/modify" a new IP addresses to an existing group or how do you delete values from the static list?

 

I did try using "panos_address_object" module; but this works in the same way that "panos_object" when adding a new address to a group.

 

What is your recommendation to solve this issue?

 

Thanks,

Roberto

 

 

1 person had this problem.
0 Likes Likes
8 REPLIES 8

Go to solution
RobertNunez
L1 Bithead
In response to gfreeman

‎05-29-2019 06:07 AM - edited ‎05-29-2019 06:08 AM

I will rather prefer a module that can help executing the following:

"cmd": "set device-group MYCLOUD address-group MYCLOUD-GRP-1 static SMTP-10.10.20.30",

or

"cmd": "delete device-group MYCLOUD address-group MYCLOUD-GRP-1 static SMTP-<IP Address>"


This will look easy to understand and cleaner than a playbook that get it all (our production config have twenty+ groups with an average of 2K IP addresses each), remove it and re-add it.

 

Do you have a way or module to execute this?

Thanks,

Roberto

0 Likes Likes

Go to solution
KNeedham
L0 Member

‎09-19-2020 10:30 PM - edited ‎09-19-2020 10:36 PM

Something like this would do the trick, based on Gfreemans post above

 

  - name: Get target address group and its config
    panos_object_facts:
      provider: '{{ panos_provider }}'
      object_type: 'address-group'
      name: 'Test-Group'
    register: TestGroupObject

  - name: Get new Address Object and its config
    panos_object_facts:
      provider: '{{ panos_provider }}'
      object_type: 'address'
      name: 'Test-Address'
    register: TestAddressObject

  - name: Add new address object to Target group
    panos_address_group:
      provider: '{{ panos_provider }}'
      name: '{{ TestGroupObject.objects[0].name }}'
      description: '{{ TestGroupObject.objects[0].description | default(omit, true) }}'
      static_value: '{{ TestGroupObject.objects[0].static_value | union([TestAddressObject.objects[0].name]) }}'
      tag: '{{ TestGroupObject.objects[0].tag | default(omit, true) }}'
      commit: false
0 Likes Likes

Go to solution
floresty36
L0 Member

‎09-23-2020 11:35 PM

The problem is with the addition to the firewall group. The task that accomplishes this seems to overwrite the existing objects within the group instead of appending to it.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks