For details on cookie usage on our site, read our Privacy Policy
GCP HTTP(s) Load Balancer App-ID
- LIVEcommunity
- Tools
- Quickplay Solutions
- Quickplay Solutions Archived Articles
- GCP HTTP(s) Load Balancer App-ID
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Printer Friendly Page
- Mark as New
- Subscribe to RSS Feed
- Permalink
on
01-28-2020
01:42 PM
- edited on
07-08-2021
05:19 PM
by
icharkashy
Brief Description
1. GcpHttpLbAppID skillet to create the Palo Alto Networks App-ID for the Azure Application Gateway Health Probe.
2. move_rule_rest skillet to move the rule to its proper location above the actual application rule and commit.
Target Audience
The skillet is intended for anyone deploying a VM-Series firewall behind the GCP HTTP(s) Load Balancer.
Skillet Details
Authoring Group: Public Cloud CE
Documentation: https://github.com/ceskillets/Cloud-GCP-HTTPS-Load-Balancer-App-ID
Github Location: https://github.com/ceskillets/Cloud-GCP-HTTPS-Load-Balancer-App-ID
Github Branches: master
PAN-OS Supported: v8.1 and v9.0
Cloud Provider(s) Supported: GCP
Type of Skillet: XML and REST
Purpose: Config
Detail Description
The GCP Application Load Balancer HTTP(s) Load Balancer sends an extensive amount of traffic to the firewall that can be hard to differentiate from the valid application traffic. By implementing a specific App-ID, the probe traffic can be filtered specifically to focus on either the probe traffic when troubleshooting configuration or excluded when reviewing valid application traffic. This skillet will configure the following firewall items:
- App-ID specific to the GCP HTTP(s) Load Balancer
- Objects taken as input for the subnets containing the HTTP(s) Load Balancer
- Allow rule for traffic from the HTTP(s) Load Balancer subnet specifically utilizing the App-ID
- 'move rule' skillet to move the rule to its proper location and perform a final commit
Variables for AppID Skillet
- name: appid_name
- description: appid name (32 total char limit)
- default: appidname
- type_hint: text
- name: appid_description
- description: appid_description
- default: appid_description
- type_hint: text
- name: rule_name
- description: security_rule_name
- default: security_rule_name
- type_hint: text
- name: rule_description
- description: security_rule_description
- default: security_rule_description
- type_hint: text
Variables for the Move Rule Skillet
- name: TARGET_IP
- description: Host
- default: 127.0.0.1
- type_hint: ip_address
- name: TARGET_USERNAME
- description: Username
- default: admin
- type_hint: text
- name: TARGET_PASSWORD
- description: Password
- default: admin
- type_hint: password
- name: rule_name
- description: name of security rule to move
- default: rule1
- type_hint: text
- name: ref_rule
- description: rule to move before or after
- default: rule2
- type_hint: text
- name: where
- description: move before or after other rule
- default: top
-
Ansible
2 -
App-ID
1 -
Community Skillets
14 -
Cortex
1 -
Cortex Assess
1 -
Cortex Configure
2 -
Cortex Data
1 -
Cortex Data Lake
2 -
Cortex Deploy
1 -
Cortex Exercise
1 -
DNS Proxy
1 -
DNS Security
1 -
Docker
1 -
Featured
5 -
gcp
1 -
GlobalProtect
1 -
GlobalProtect-COVID19
1 -
GlobalProtect-Resources
1 -
Government
1 -
IoT
1 -
IPSec
1 -
Iron Skillet
1 -
NGFW
17 -
NSX
1 -
PAN-Os
2 -
Panorama
6 -
Prisma Access
1 -
Prisma Access Customer Success
1 -
Prisma Assess
2 -
Prisma Configure
1 -
Prisma Deploy
2 -
Prisma Exercise
1 -
PrismaAccess-COVID19
1 -
Python
5 -
Resident Engineer
1 -
Rest
3 -
SD-WAN
1 -
Security Lifecycle Review
1 -
Skillets
19 -
Strata
1 -
Strata Assess
7 -
Strata Configure
20 -
Strata Deploy
5 -
Strata Exercise
1 -
template
1 -
Terraform
3 -
URL Filtering
1 -
URL Filtering (PAN-DB)
1 -
validation
3 -
VM-Series
1 -
VM-Series on Azure
1 -
VMware
3 -
Workflow
2
- Previous
- Next
