- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
02-25-2022 09:47 AM
Hi, if some one can advise or help, why I am getting this error within Ansible
I am creating a load of hosts from a csv, creating a object group and then creating a security rule that references that newly created object group as a source
Error is "msg": "dictionary requested, could not parse JSON or key=value"
Below is my code
Host creation :
Rule Creation :
Cheers, any help appreciated
04-16-2022 01:44 PM - edited 04-16-2022 01:45 PM
Hi @scoobyboy, I started with your tasks and tried to replicate the error, and I could not. There are a few things that I had to tweak along the way to get the playbook working, and hopefully the notes below could help you though?
Here's my working playbook targeting a PA-Series NGFW
- name : Read CSV file
read_csv :
path : test.csv
key : hostname
register : srcr1hosts
- name : Create address objects
panos_address_object :
provider : "{{ palo_provider }}"
state : present
name : '{{ item.value.hostname }}'
value : '{{ item.value.ip}}'
with_items : "{{ srcr1hosts.dict | dict2items }}"
- set_fact :
hosts_in_group : "{{ srcr1hosts.dict | dict2items | map(attribute='key') | list }}"
- name : Add address objects to address group
panos_address_group :
provider : "{{ palo_provider }}"
name : test_group
state : present
static_value : "{{ hosts_in_group }}"
#delegate_to : Global
- name : Add a rule
panos_security_rule :
provider : "{{ palo_provider }}"
#device_group : "Azure_Perimeter_Prod"
state : 'present'
rule_name : 'Test rule'
source_zone : [ 'lab_trust' ]
destination_zone : [ 'lab_untrust' ]
source_ip : [ 'test_group' ]
source_user : [ 'any' ]
destination_ip : [ 'any' ]
application : [ 'ssl' ]
group_profile : 'default'
log_setting : 'test'
location : before
existing_rule : 'test'
action : 'allow'
Hope this helps!
04-25-2022 01:26 AM
Hi @JimmyHolland, many thanks for taking a look at this for me, it is appreciated
In answer to your questions, its targeting a Panorama, and yes it is been created in certain device groups, and yes they are supposed to be shared
I got this working on a NGFW, but when i tried targeting the Pan i started to get this error, the only change I did was add the device_group value to the "add rule" task
But no matter, thanks for assisting 🙂
Paul
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!