Hi @MichaelPrensky, I'd say you are in the right place 🙂 There are various options, but if you can define the steps and config items with placeholder variables for the values that change per firewall, you should then be able to to deploy something consistent to each firewall. You own choice of programming language could do that, Ansible could do that, Terraform -could- do it but is not the best choice given how it likes to manage via state. Ansible is becoming very popular with PAN-OS users, you can do OS upgrades, perform configuration, install certs, etc, and use the variables feature within Ansible to give each firewall the unique values but with a consistent state. The choice between Ansible, bash scripts, Python, PHP, etc is likely something that primarily depends upon what you and/or your team have skills in, and want to operationalise. And keep an eye on the market too in case you need to hire someone; Python skills are more abundant in NetOps than, say, Java! And also the choice can be down to the features of each approach; Ansible may potentially have a lower barrier to entry on learning versus learning Python from scratch, but will likely execute slower than Python, there are trade-offs. Hope that helps, hopefully some other users will chip in with their experiences...
... View more