- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
The PAN-OS REST API allows you to manage Firewalls and Panorama. It is a WEB API that uses HTTP or HTTPs and requests are authenticated via an API key. Request bodies and responses are formatted in JSON.
To use the REST API, enable API access for approved administrators and retrieve your API key.
Now, to get started, understand that the REST API URL format includes a base path and the URI for the endpoint.
curl -X METHOD "https://<IP address or FQDN>/restapi/<PAN-OS version>/<resource URI>
Method
GET - Read lists of resources
POST - Create a resource, rename a resource, and move a policy rule
PUT - Modify a resource
DELETE - Delete a resource
Resource URI
The PAN-OS REST API makes it simple and uses Objects, Policies, Network, and Device URI for its requests. Here are some available resource endpoints you can reference in your request:
# OBJECTS
/restapi/9.0/Objects/Addresses
/restapi/9.0/Objects/AddressGroups
/restapi/9.0/Objects/Applications
/restapi/9.0/Objects/Services
/restapi/9.0/Objects/ServiceGroups
# POLICIES
/restapi/9.0/Policies/SecurityRules
/restapi/9.0/Policies/NATRules
/restapi/9.0/Policies/QoSRules
/restapi/9.0/Policies/PolicyBasedForwardingRules
/restapi/9.0/Policies/DecryptionRules
Not seeing something you would like to work with? Take a look at all the available URI's.
Creating a Security Policy
curl -X POST \
'https://firewall/restapi/pan-os_version/Policies/SecurityRules?location=vsys&vsys=vsys1&name=rule-example1' \
-H 'X-PAN-KEY: LUFRPT=' \
-d '{
"entry": [
{
"@location": "vsys",
"@name": "test",
"@vsys": "vsys1",
"action": "allow",
"application": {
"member": [
"ssl"
]
},
"category": {
"member": [
"any"
]
},
"destination": {
"member": [
"any"
]
},
"from": {
"member": [
"internal"
]
},
"hip-profiles": {
"member": [
"any"
]
},
"service": {
"member": [
"application-default"
]
},
"source": {
"member": [
"any"
]
},
"source-user": {
"member": [
"any"
]
},
"to": {
"member": [
"any"
]
}
}
]
}'
Thank you for taking time to read this blog. I hope you found this interesting and helpful. Feel free to share your REST API examples in the comments section below!
Don't forget to hit the Like (thumbs up) button and to Subscribe to the LIVEcommunity Blog area.
Until next time,
JayGolf
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Subject | Likes |
---|---|
5 Likes | |
2 Likes | |
2 Likes | |
2 Likes | |
1 Like |