├── .github
└── workflows
│ ├── build.yml
│ └── release.yml
├── .gitignore
├── .goreleaser.yml
├── GNUmakefile
├── LICENSE
├── README.md
├── SUPPORT.md
├── docs
├── data-sources
│ ├── address.md
│ ├── address_group.md
│ ├── addresses.md
│ ├── admin_role.md
│ ├── administrative_tag.md
│ ├── aggregate_interface.md
│ ├── anti_spyware_security_profile.md
│ ├── antivirus_security_profile.md
│ ├── application.md
│ ├── application_group.md
│ ├── certificate_profile.md
│ ├── custom_url_category.md
│ ├── decryption_policy.md
│ ├── decryption_policy_rules.md
│ ├── device_group.md
│ ├── device_group_parent.md
│ ├── dns_settings.md
│ ├── dynamic_updates.md
│ ├── ethernet_interface.md
│ ├── external_dynamic_list.md
│ ├── file_blocking_security_profile.md
│ ├── ike_crypto_profile.md
│ ├── ike_gateway.md
│ ├── interface_management_profile.md
│ ├── ipsec_crypto_profile.md
│ ├── ipsec_tunnel.md
│ ├── ldap_profile.md
│ ├── log_forwarding_profile.md
│ ├── logical_router.md
│ ├── loopback_interface.md
│ ├── nat_policy.md
│ ├── nat_policy_rules.md
│ ├── ntp_settings.md
│ ├── security_policy.md
│ ├── security_policy_rules.md
│ ├── security_profile_group.md
│ ├── service.md
│ ├── service_group.md
│ ├── ssl_decrypt.md
│ ├── ssl_tls_service_profile.md
│ ├── template.md
│ ├── template_stack.md
│ ├── template_variable.md
│ ├── tunnel_interface.md
│ ├── url_filtering_security_profile.md
│ ├── virtual_router.md
│ ├── vlan_interface.md
│ ├── vulnerability_security_profile.md
│ ├── wildfire_analysis_security_profile.md
│ └── zone.md
├── ephemeral-resources
│ ├── api_key.md
│ └── vm_auth_key.md
├── functions
│ ├── address_value.md
│ └── generate_import_id.md
├── guides
│ ├── location.md
│ ├── migration-guide.md
│ └── panos-addresses-references.md
├── index.md
└── resources
│ ├── address.md
│ ├── address_group.md
│ ├── addresses.md
│ ├── admin_role.md
│ ├── administrative_tag.md
│ ├── aggregate_interface.md
│ ├── anti_spyware_security_profile.md
│ ├── antivirus_security_profile.md
│ ├── application.md
│ ├── application_group.md
│ ├── certificate_profile.md
│ ├── custom_url_category.md
│ ├── decryption_policy.md
│ ├── decryption_policy_rules.md
│ ├── device_group.md
│ ├── device_group_parent.md
│ ├── dns_settings.md
│ ├── dynamic_updates.md
│ ├── ethernet_interface.md
│ ├── external_dynamic_list.md
│ ├── file_blocking_security_profile.md
│ ├── ike_crypto_profile.md
│ ├── ike_gateway.md
│ ├── interface_management_profile.md
│ ├── ipsec_crypto_profile.md
│ ├── ipsec_tunnel.md
│ ├── ldap_profile.md
│ ├── log_forwarding_profile.md
│ ├── logical_router.md
│ ├── loopback_interface.md
│ ├── nat_policy.md
│ ├── nat_policy_rules.md
│ ├── ntp_settings.md
│ ├── security_policy.md
│ ├── security_policy_rules.md
│ ├── security_profile_group.md
│ ├── service.md
│ ├── service_group.md
│ ├── ssl_decrypt.md
│ ├── ssl_tls_service_profile.md
│ ├── template.md
│ ├── template_stack.md
│ ├── template_variable.md
│ ├── tunnel_interface.md
│ ├── url_filtering_security_profile.md
│ ├── virtual_router.md
│ ├── vlan_interface.md
│ ├── vulnerability_security_profile.md
│ ├── wildfire_analysis_security_profile.md
│ └── zone.md
├── examples
└── resources
│ ├── panos_address
│ └── import.sh
│ ├── panos_address_group
│ └── import.sh
│ ├── panos_addresses
│ └── import.sh
│ ├── panos_security_policy
│ └── import.sh
│ └── panos_security_policy_rules
│ └── import.sh
├── go.mod
├── go.sum
├── internal
├── manager
│ ├── config.go
│ ├── entry.go
│ ├── entry_import.go
│ ├── entry_test.go
│ ├── entry_utils_test.go
│ ├── manager.go
│ ├── sdk_manager_suite_test.go
│ ├── utils_test.go
│ ├── uuid.go
│ ├── uuid_test.go
│ └── uuid_utils_test.go
└── provider
│ ├── address.go
│ ├── address_group.go
│ ├── addresses.go
│ ├── admin_role.go
│ ├── administrative_tag.go
│ ├── aggregate_interface.go
│ ├── anti_spyware_security_profile.go
│ ├── antivirus_security_profile.go
│ ├── api_key.go
│ ├── application.go
│ ├── application_group.go
│ ├── certificate_profile.go
│ ├── custom_url_category.go
│ ├── decryption_policy.go
│ ├── decryption_policy_rules.go
│ ├── device_group.go
│ ├── device_group_parent.go
│ ├── dns_settings.go
│ ├── dynamic_updates.go
│ ├── errors.go
│ ├── ethernet_interface.go
│ ├── external_dynamic_list.go
│ ├── file_blocking_security_profile.go
│ ├── func_address_value.go
│ ├── func_create_import_id.go
│ ├── ike_crypto_profile.go
│ ├── ike_gateway.go
│ ├── interface_management_profile.go
│ ├── ipsec_crypto_profile.go
│ ├── ipsec_tunnel.go
│ ├── ldap_profile.go
│ ├── log_forwarding_profile.go
│ ├── logical_router.go
│ ├── loopback_interface.go
│ ├── nat_policy.go
│ ├── nat_policy_rules.go
│ ├── ntp_settings.go
│ ├── position.go
│ ├── provider.go
│ ├── security_policy.go
│ ├── security_policy_rules.go
│ ├── security_profile_group.go
│ ├── service.go
│ ├── service_group.go
│ ├── ssl_decrypt.go
│ ├── ssl_tls_service_profile.go
│ ├── template.go
│ ├── template_stack.go
│ ├── template_variable.go
│ ├── tfid.go
│ ├── tools.go
│ ├── tunnel_interface.go
│ ├── url_filtering_security_profile.go
│ ├── virtual_router.go
│ ├── vlan_interface.go
│ ├── vm_auth_key.go
│ ├── vulnerability_security_profile.go
│ ├── wildfire_analysis_security_profile.go
│ └── zone.go
├── main.go
├── scripts
├── errcheck.sh
├── gofmtcheck.sh
└── gogetcookie.sh
├── templates
├── guides
│ ├── location.md
│ ├── migration-guide.md
│ └── panos-addresses-references.md
└── index.md.tmpl
├── terraform-registry-manifest.json
├── test
├── ephemeral_api_key_test.go
├── panos_sweeper_test.go
├── provider_test.go
├── resource_address_group_test.go
├── resource_address_objects_test.go
├── resource_addresses_test.go
├── resource_admin_role_test.go
├── resource_administrative_tag_test.go
├── resource_aggregate_interface_test.go
├── resource_antivirus_security_profile_test.go
├── resource_application_group_test.go
├── resource_application_test.go
├── resource_custom_url_category_test.go
├── resource_decryption_policy_test.go
├── resource_device_group_parent_test.go
├── resource_device_group_test.go
├── resource_dns_settings_test.go
├── resource_dynamic_updates_test.go
├── resource_ethernet_interface_test.go
├── resource_external_dynamic_list_test.go
├── resource_ike_crypto_profile_test.go
├── resource_ike_gateway_test.go
├── resource_interface_management_profile_test.go
├── resource_ipsec_crypto_profile_test.go
├── resource_ldap_profile_test.go
├── resource_log_forwarding_test.go
├── resource_logical_router_test.go
├── resource_loopback_interface_test.go
├── resource_nat_policy_test.go
├── resource_ntp_settings_test.go
├── resource_panorama_template_test.go
├── resource_panorama_template_variable_test.go
├── resource_security_policy_rules_test.go
├── resource_security_policy_test.go
├── resource_security_profile_test.go
├── resource_service_group_test.go
├── resource_service_test.go
├── resource_tunnel_interface_test.go
├── resource_url_filtering_security_profile_test.go
├── resource_virtual_router_test.go
├── resource_vlan_interface_test.go
├── resource_vulnerability_security_profile_test.go
└── resource_zone_test.go
└── tools
└── tools.go
/.github/workflows/build.yml:
--------------------------------------------------------------------------------
1 | name: Build
2 |
3 | on:
4 | push:
5 | branches: [main]
6 | pull_request:
7 | branches: [main]
8 |
9 | jobs:
10 | build:
11 | name: Build
12 | runs-on: ubuntu-latest
13 | strategy:
14 | fail-fast: false
15 | matrix:
16 | go-version: [1.21, 1.22]
17 |
18 | steps:
19 | - name: Set up Go 1.x
20 | uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5
21 | with:
22 | go-version: ${{ matrix.go-version }}
23 | id: go
24 |
25 | - name: Check out code into the Go module directory
26 | uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
27 |
28 | - name: Get dependencies
29 | run: |
30 | go get -v -t -d ./...
31 | if [ -f Gopkg.toml ]; then
32 | curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh
33 | dep ensure
34 | fi
35 |
36 | - name: Build
37 | run: go build -v .
38 |
39 | - name: Test
40 | run: go test -v .
41 |
--------------------------------------------------------------------------------
/.github/workflows/release.yml:
--------------------------------------------------------------------------------
1 | # Terraform Provider release workflow.
2 |
3 | name: Release
4 |
5 | on:
6 | push:
7 | tags:
8 | - 'v*'
9 |
10 | # Releases need permissions to read and write the repository contents.
11 | # GitHub considers creating releases and uploading assets as writing contents.
12 | permissions:
13 | contents: write
14 |
15 | jobs:
16 | goreleaser:
17 | runs-on: ubuntu-latest
18 | steps:
19 | - name: Checkout
20 | uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
21 |
22 | - name: Unshallow
23 | run: git fetch --prune --unshallow
24 |
25 | - name: Set up Go
26 | uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5
27 | with:
28 | go-version-file: 'go.mod'
29 | cache: true
30 |
31 | - name: Import GPG key
32 | id: import_gpg
33 | uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
34 | with:
35 | gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
36 | passphrase: ${{ secrets.PASSPHRASE }}
37 |
38 | - name: Run GoReleaser
39 | uses: goreleaser/goreleaser-action@9c156ee8a17a598857849441385a2041ef570552 # v6
40 | with:
41 | version: latest
42 | args: release --clean
43 | env:
44 | GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
45 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
46 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # Binaries for programs and plugins
2 | *.exe
3 | *.dll
4 | *.so
5 | *.dylib
6 |
7 | # Test binary, build with `go test -c`
8 | *.test
9 |
10 | # Output of the go coverage tool, specifically when used with LiteIDE
11 | *.out
12 |
13 | # Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736
14 | .glide/
15 |
16 | # Misc ignores
17 | *.tf
18 | *.swp
19 | .DS_Store
20 | .terraform/
21 | terraform.tfstate
22 | terraform.tfstate.backup
23 | terraform-provider-panos
24 |
--------------------------------------------------------------------------------
/.goreleaser.yml:
--------------------------------------------------------------------------------
1 | # Visit https://goreleaser.com for documentation on how to customize this
2 | # behavior.
3 | version: 2
4 | before:
5 | hooks:
6 | # this is just an example and not a requirement for provider building/publishing
7 | - go mod tidy
8 | builds:
9 | - env:
10 | # goreleaser does not work with CGO, it could also complicate
11 | # usage by users in CI/CD systems like HCP Terraform where
12 | # they are unable to install libraries.
13 | - CGO_ENABLED=0
14 | mod_timestamp: "{{ .CommitTimestamp }}"
15 | flags:
16 | - -trimpath
17 | ldflags:
18 | - "-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}"
19 | goos:
20 | - freebsd
21 | - windows
22 | - linux
23 | - darwin
24 | goarch:
25 | - amd64
26 | - "386"
27 | - arm
28 | - arm64
29 | ignore:
30 | - goos: darwin
31 | goarch: "386"
32 | binary: "{{ .ProjectName }}_v{{ .Version }}"
33 | archives:
34 | - format: zip
35 | name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
36 | checksum:
37 | extra_files:
38 | - glob: "terraform-registry-manifest.json"
39 | name_template: "{{ .ProjectName }}_{{ .Version }}_manifest.json"
40 | name_template: "{{ .ProjectName }}_{{ .Version }}_SHA256SUMS"
41 | algorithm: sha256
42 | signs:
43 | - artifacts: checksum
44 | args:
45 | # if you are using this in a GitHub action or some other automated pipeline, you
46 | # need to pass the batch flag to indicate its not interactive.
47 | - "--batch"
48 | - "--local-user"
49 | - "{{ .Env.GPG_FINGERPRINT }}" # set this environment variable for your signing key
50 | - "--output"
51 | - "${signature}"
52 | - "--detach-sign"
53 | - "${artifact}"
54 | release:
55 | extra_files:
56 | - glob: "terraform-registry-manifest.json"
57 | name_template: "{{ .ProjectName }}_{{ .Version }}_manifest.json"
58 | # If you want to manually examine the release before its live, uncomment this line:
59 | # draft: true
60 | changelog:
61 | disable: true
62 |
--------------------------------------------------------------------------------
/GNUmakefile:
--------------------------------------------------------------------------------
1 | TEST?=$$(go list ./... |grep -v 'vendor')
2 | GOFMT_FILES?=$$(find . -name '*.go' |grep -v vendor)
3 | WEBSITE_REPO=github.com/hashicorp/terraform-website
4 | PKG_NAME=panos
5 |
6 | default: build
7 |
8 | build: fmtcheck
9 | go install
10 |
11 | test: fmtcheck
12 | go test -i $(TEST) || exit 1
13 | echo $(TEST) | \
14 | xargs -t -n4 go test $(TESTARGS) -timeout=30s -parallel=4
15 |
16 | testacc: fmtcheck
17 | TF_ACC=1 go test $(TEST) -v $(TESTARGS) -timeout 120m
18 |
19 | vet:
20 | @echo "go vet ."
21 | @go vet $$(go list ./... | grep -v vendor/) ; if [ $$? -eq 1 ]; then \
22 | echo ""; \
23 | echo "Vet found suspicious constructs. Please check the reported constructs"; \
24 | echo "and fix them if necessary before submitting the code for review."; \
25 | exit 1; \
26 | fi
27 |
28 | fmt:
29 | gofmt -w $(GOFMT_FILES)
30 |
31 | fmtcheck:
32 | @sh -c "'$(CURDIR)/scripts/gofmtcheck.sh'"
33 |
34 | errcheck:
35 | @sh -c "'$(CURDIR)/scripts/errcheck.sh'"
36 |
37 | test-compile:
38 | @if [ "$(TEST)" = "./..." ]; then \
39 | echo "ERROR: Set TEST to a specific package. For example,"; \
40 | echo " make test-compile TEST=./$(PKG_NAME)"; \
41 | exit 1; \
42 | fi
43 | go test -c $(TEST) $(TESTARGS)
44 |
45 | website:
46 | ifeq (,$(wildcard $(GOPATH)/src/$(WEBSITE_REPO)))
47 | echo "$(WEBSITE_REPO) not found in your GOPATH (necessary for layouts and assets), get-ting..."
48 | git clone https://$(WEBSITE_REPO) $(GOPATH)/src/$(WEBSITE_REPO)
49 | endif
50 | @$(MAKE) -C $(GOPATH)/src/$(WEBSITE_REPO) website-provider PROVIDER_PATH=$(shell pwd) PROVIDER_NAME=$(PKG_NAME)
51 |
52 | website-test:
53 | ifeq (,$(wildcard $(GOPATH)/src/$(WEBSITE_REPO)))
54 | echo "$(WEBSITE_REPO) not found in your GOPATH (necessary for layouts and assets), get-ting..."
55 | git clone https://$(WEBSITE_REPO) $(GOPATH)/src/$(WEBSITE_REPO)
56 | endif
57 | @$(MAKE) -C $(GOPATH)/src/$(WEBSITE_REPO) website-provider-test PROVIDER_PATH=$(shell pwd) PROVIDER_NAME=$(PKG_NAME)
58 |
59 | .PHONY: build test testacc vet fmt fmtcheck errcheck test-compile website website-test
60 |
61 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2020 Palo Alto Networks, inc.
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Terraform Provider for Palo Alto Networks PANOS
2 |
3 | > [!NOTE]
4 | > This provider is auto-generated via [pan-os-codegen](https://github.com/PaloAltoNetworks/pan-os-codegen)
5 |
6 | - Website: https://www.terraform.io
7 | - Documentation: https://www.terraform.io/docs/providers/panos/index.html
8 | - [Roadmap](https://github.com/orgs/PaloAltoNetworks/projects/62/views/11)
9 |
10 | > [!TIP]
11 | >
12 | > ### Getting Started
13 | >
14 | > [Guide on Wiki](https://github.com/PaloAltoNetworks/pan-os-codegen/wiki/Getting-Started)
15 |
16 | ## Requirements
17 |
18 | - [Terraform](https://www.terraform.io/downloads.html) 1.8.x or higher
19 | - [Go](https://golang.org/doc/install) 1.22 (to build the provider plugin)
20 |
21 | ## Building The Provider
22 |
23 | 1. Install [Go](https://go.dev/dl)
24 |
25 | 2. Clone the SDK repo:
26 |
27 | ```sh
28 | git clone https://github.com/paloaltonetworks/pango
29 | ```
30 |
31 | 3. Clone this repo:
32 |
33 | ```sh
34 | git clone https://github.com/paloaltonetworks/terraform-provider-panos
35 | ```
36 |
37 | 4. Build the provider:
38 |
39 | ```sh
40 | cd terraform-provider-panos
41 | go build .
42 | ```
43 |
44 | 5. Specify the `dev_overrides` configuration per the next section below. This tells Terraform where to find the provider you just built. The directory to specify is the full path to the cloned provider repo.
45 |
46 | ## Developing the Provider
47 |
48 | With Terraform v1 and later, [development overrides for provider developers](https://www.terraform.io/docs/cli/config/config-file.html#development-overrides-for-provider-developers) can be leveraged in order to use the provider built from source.
49 |
50 | To do this, populate a Terraform CLI configuration file (`~/.terraformrc` for all platforms other than Windows; `terraform.rc` in the `%APPDATA%` directory when using Windows) with at least the following options:
51 |
52 | ```hcl
53 | provider_installation {
54 | dev_overrides {
55 | "registry.terraform.io/paloaltonetworks-local/panos" = "/directory/containing/the/provider/binary/here"
56 | }
57 |
58 | direct {}
59 | }
60 | ```
61 |
62 | Then when referencing the locally built provider, use the local name in the `terraform` configuration block like so:
63 |
64 | ```hcl
65 | terraform {
66 | required_providers {
67 | panos = {
68 | source = "paloaltonetworks-local/panos"
69 | version = "2.0.0"
70 | }
71 | }
72 | }
73 | ```
74 |
--------------------------------------------------------------------------------
/SUPPORT.md:
--------------------------------------------------------------------------------
1 | # Community Supported
2 |
3 | This template/script/solution is released “as-is”, with no warranty and no support. These should be seen as community
4 | supported and Palo Alto Networks may contribute its expertise at its discretion. Palo Alto Networks, including through
5 | its Authorized Support Centers (ASC) partners and backline support options, will not provide technical support or help
6 | in using or troubleshooting this template/script/solution. The underlying product used by this template/script/solution
7 | will still be supported in accordance with the product’s applicable support policy and the customer’s entitlements.
--------------------------------------------------------------------------------
/docs/data-sources/address.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_address Data Source - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_address (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `description` (String) The description.
26 | - `disable_override` (String) disable object override in child device groups
27 | - `fqdn` (String) The FQDN value.
28 | - `ip_netmask` (String) The IP netmask value.
29 | - `ip_range` (String) The IP range value.
30 | - `ip_wildcard` (String) The IP wildcard value.
31 | - `tags` (List of String) The administrative tags.
32 |
33 |
34 | ### Nested Schema for `location`
35 |
36 | Optional:
37 |
38 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
39 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
40 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
41 |
42 |
43 | ### Nested Schema for `location.device_group`
44 |
45 | Optional:
46 |
47 | - `name` (String) Device Group name
48 | - `panorama_device` (String) Panorama device name
49 |
50 |
51 |
52 | ### Nested Schema for `location.shared`
53 |
54 |
55 |
56 | ### Nested Schema for `location.vsys`
57 |
58 | Optional:
59 |
60 | - `name` (String) The Virtual System name
61 | - `ngfw_device` (String) The NGFW device name
--------------------------------------------------------------------------------
/docs/data-sources/address_group.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_address_group Data Source - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_address_group (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `description` (String)
26 | - `disable_override` (String) disable object override in child device groups
27 | - `dynamic` (Attributes) (see [below for nested schema](#nestedatt--dynamic))
28 | - `static` (List of String)
29 | - `tag` (List of String)
30 |
31 |
32 | ### Nested Schema for `location`
33 |
34 | Optional:
35 |
36 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
37 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
38 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
39 |
40 |
41 | ### Nested Schema for `location.device_group`
42 |
43 | Optional:
44 |
45 | - `name` (String) Device Group name
46 | - `panorama_device` (String) Panorama device name
47 |
48 |
49 |
50 | ### Nested Schema for `location.shared`
51 |
52 |
53 |
54 | ### Nested Schema for `location.vsys`
55 |
56 | Optional:
57 |
58 | - `name` (String) The Virtual System name
59 | - `ngfw_device` (String) The NGFW device name
60 |
61 |
62 |
63 |
64 | ### Nested Schema for `dynamic`
65 |
66 | Optional:
67 |
68 | - `filter` (String) tag-based filter
--------------------------------------------------------------------------------
/docs/data-sources/addresses.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_addresses Data Source - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_addresses (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `addresses` (Attributes Map) (see [below for nested schema](#nestedatt--addresses))
21 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
22 |
23 |
24 | ### Nested Schema for `addresses`
25 |
26 | Optional:
27 |
28 | - `description` (String) The description.
29 | - `disable_override` (String) disable object override in child device groups
30 | - `fqdn` (String) The FQDN value.
31 | - `ip_netmask` (String) The IP netmask value.
32 | - `ip_range` (String) The IP range value.
33 | - `ip_wildcard` (String) The IP wildcard value.
34 | - `tags` (List of String) The administrative tags.
35 |
36 |
37 |
38 | ### Nested Schema for `location`
39 |
40 | Optional:
41 |
42 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
43 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
44 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
45 |
46 |
47 | ### Nested Schema for `location.device_group`
48 |
49 | Optional:
50 |
51 | - `name` (String) Device Group name
52 | - `panorama_device` (String) Panorama device name
53 |
54 |
55 |
56 | ### Nested Schema for `location.shared`
57 |
58 |
59 |
60 | ### Nested Schema for `location.vsys`
61 |
62 | Optional:
63 |
64 | - `name` (String) The Virtual System name
65 | - `ngfw_device` (String) The NGFW device name
--------------------------------------------------------------------------------
/docs/data-sources/administrative_tag.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_administrative_tag Data Source - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_administrative_tag (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `color` (String)
26 | - `comments` (String)
27 | - `disable_override` (String) disable object override in child device groups
28 |
29 |
30 | ### Nested Schema for `location`
31 |
32 | Optional:
33 |
34 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
35 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
36 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
37 |
38 |
39 | ### Nested Schema for `location.device_group`
40 |
41 | Optional:
42 |
43 | - `name` (String) Device Group name
44 | - `panorama_device` (String) Panorama device name
45 |
46 |
47 |
48 | ### Nested Schema for `location.shared`
49 |
50 |
51 |
52 | ### Nested Schema for `location.vsys`
53 |
54 | Optional:
55 |
56 | - `name` (String) The Virtual System name
57 | - `ngfw_device` (String) The NGFW device name
--------------------------------------------------------------------------------
/docs/data-sources/antivirus_security_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_antivirus_security_profile Data Source - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_antivirus_security_profile (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `application_exceptions` (Attributes List) Application exceptions (see [below for nested schema](#nestedatt--application_exceptions))
26 | - `decoders` (Attributes List) Protocol decoders (see [below for nested schema](#nestedatt--decoders))
27 | - `description` (String) Profile description
28 | - `disable_override` (String) Disable object override in child device groups
29 | - `machine_learning_exceptions` (Attributes List) Exceptions for ML based file scans. (see [below for nested schema](#nestedatt--machine_learning_exceptions))
30 | - `machine_learning_models` (Attributes List) Machine learning models (see [below for nested schema](#nestedatt--machine_learning_models))
31 | - `packet_capture` (Boolean) Enable packet capture
32 | - `threat_exceptions` (Attributes List) Exceptions for specific threats (see [below for nested schema](#nestedatt--threat_exceptions))
33 | - `wfrt_hold_mode` (Boolean) Enable hold mode for WildFire real time signature lookup
34 |
35 |
36 | ### Nested Schema for `location`
37 |
38 | Optional:
39 |
40 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
41 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
42 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
43 |
44 |
45 | ### Nested Schema for `location.device_group`
46 |
47 | Optional:
48 |
49 | - `name` (String) Device Group name
50 | - `panorama_device` (String) Panorama device name
51 |
52 |
53 |
54 | ### Nested Schema for `location.shared`
55 |
56 |
57 |
58 | ### Nested Schema for `location.vsys`
59 |
60 | Optional:
61 |
62 | - `name` (String) The Virtual System name
63 | - `ngfw_device` (String) The NGFW device name
64 |
65 |
66 |
67 |
68 | ### Nested Schema for `application_exceptions`
69 |
70 | Required:
71 |
72 | - `name` (String)
73 |
74 | Optional:
75 |
76 | - `action` (String) Action for application exception. Valid values are: `default` (default), `allow`, `alert`, `drop`, `reset-client`, `reset-server`, or `reset-both`
77 |
78 |
79 |
80 | ### Nested Schema for `decoders`
81 |
82 | Required:
83 |
84 | - `name` (String)
85 |
86 | Optional:
87 |
88 | - `action` (String) Action for standard antivirus signatures. Valid values are: `default` (default), `allow`, `alert`, `drop`, `reset-client`, `reset-server`, or `reset-both`
89 | - `ml_action` (String) Action for malicious threats detected in real-time by the WildFire Inline ML models. Valid values are: `default` (default), `allow`, `alert`, `drop`, `reset-client`, `reset-server`, or `reset-both`
90 | - `wildfire_action` (String) Action for signatures generated by the WildFire system. Valid values are: `default` (default), `allow`, `alert`, `drop`, `reset-client`, `reset-server`, or `reset-both`
91 |
92 |
93 |
94 | ### Nested Schema for `machine_learning_exceptions`
95 |
96 | Required:
97 |
98 | - `name` (String)
99 |
100 | Optional:
101 |
102 | - `description` (String) Exception description
103 | - `filename` (String) File name to exclude from enforcement
104 |
105 |
106 |
107 | ### Nested Schema for `machine_learning_models`
108 |
109 | Required:
110 |
111 | - `name` (String)
112 |
113 | Optional:
114 |
115 | - `action` (String) Action for ML model antivirus signatures. Valid values are: `enable`, `enable(alert-only)`, or `disable`
116 |
117 |
118 |
119 | ### Nested Schema for `threat_exceptions`
120 |
121 | Required:
122 |
123 | - `name` (String)
--------------------------------------------------------------------------------
/docs/data-sources/application_group.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_application_group Data Source - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_application_group (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `disable_override` (String) disable object override in child device groups
26 | - `members` (List of String)
27 |
28 |
29 | ### Nested Schema for `location`
30 |
31 | Optional:
32 |
33 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
34 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
35 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
36 |
37 |
38 | ### Nested Schema for `location.device_group`
39 |
40 | Optional:
41 |
42 | - `name` (String) Device Group name
43 | - `panorama_device` (String) Panorama device name
44 |
45 |
46 |
47 | ### Nested Schema for `location.shared`
48 |
49 |
50 |
51 | ### Nested Schema for `location.vsys`
52 |
53 | Optional:
54 |
55 | - `name` (String) The Virtual System name
56 | - `ngfw_device` (String) The NGFW device name
--------------------------------------------------------------------------------
/docs/data-sources/custom_url_category.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_custom_url_category Data Source - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_custom_url_category (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `description` (String)
26 | - `disable_override` (String) disable object override in child device groups
27 | - `list` (List of String)
28 | - `type` (String)
29 |
30 |
31 | ### Nested Schema for `location`
32 |
33 | Optional:
34 |
35 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
36 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
37 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
38 |
39 |
40 | ### Nested Schema for `location.device_group`
41 |
42 | Optional:
43 |
44 | - `name` (String) Device Group name
45 | - `panorama_device` (String) Panorama device name
46 |
47 |
48 |
49 | ### Nested Schema for `location.shared`
50 |
51 |
52 |
53 | ### Nested Schema for `location.vsys`
54 |
55 | Optional:
56 |
57 | - `name` (String) The Virtual System name
58 | - `ngfw_device` (String) The NGFW device name
--------------------------------------------------------------------------------
/docs/data-sources/device_group.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_device_group Data Source - panos"
4 | subcategory: Panorama
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_device_group (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String) The name of the service.
22 |
23 | ### Optional
24 |
25 | - `authorization_code` (String) Authorization code
26 | - `description` (String) The description.
27 | - `devices` (Attributes List) List of devices (see [below for nested schema](#nestedatt--devices))
28 | - `templates` (List of String) List of reference templates
29 |
30 |
31 | ### Nested Schema for `location`
32 |
33 | Optional:
34 |
35 | - `panorama` (Attributes) Located in a specific Panorama. (see [below for nested schema](#nestedatt--location--panorama))
36 |
37 |
38 | ### Nested Schema for `location.panorama`
39 |
40 | Optional:
41 |
42 | - `panorama_device` (String) The Panorama device.
43 |
44 |
45 |
46 |
47 | ### Nested Schema for `devices`
48 |
49 | Required:
50 |
51 | - `name` (String)
52 |
53 | Optional:
54 |
55 | - `vsys` (List of String)
--------------------------------------------------------------------------------
/docs/data-sources/device_group_parent.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_device_group_parent Data Source - panos"
4 | subcategory: Panorama
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_device_group_parent (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 |
22 | ### Optional
23 |
24 | - `device_group` (String) The device group whose parent is being set
25 | - `parent` (String) The parent device group. Leaving it empty moves 'device-group' under 'shared'.
26 |
27 |
28 | ### Nested Schema for `location`
29 |
30 | Optional:
31 |
32 | - `panorama` (Attributes) Located in a specific Panorama. (see [below for nested schema](#nestedatt--location--panorama))
33 |
34 |
35 | ### Nested Schema for `location.panorama`
36 |
37 | Optional:
38 |
39 | - `panorama_device` (String) The Panorama device.
--------------------------------------------------------------------------------
/docs/data-sources/dns_settings.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_dns_settings Data Source - panos"
4 | subcategory: Device
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_dns_settings (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 |
22 | ### Optional
23 |
24 | - `dns_settings` (Attributes) (see [below for nested schema](#nestedatt--dns_settings))
25 | - `fqdn_refresh_time` (Number) Seconds for Periodic Timer to refresh expired FQDN object entries
26 |
27 |
28 | ### Nested Schema for `location`
29 |
30 | Optional:
31 |
32 | - `system` (Attributes) Located in a system settings. (see [below for nested schema](#nestedatt--location--system))
33 | - `template` (Attributes) Located in a specific template. (see [below for nested schema](#nestedatt--location--template))
34 | - `template_stack` (Attributes) Located in a specific template stack. (see [below for nested schema](#nestedatt--location--template_stack))
35 |
36 |
37 | ### Nested Schema for `location.system`
38 |
39 | Optional:
40 |
41 | - `ngfw_device` (String) The NGFW device.
42 |
43 |
44 |
45 | ### Nested Schema for `location.template`
46 |
47 | Optional:
48 |
49 | - `name` (String) The template.
50 | - `ngfw_device` (String) The NGFW device.
51 | - `panorama_device` (String) The panorama device.
52 |
53 |
54 |
55 | ### Nested Schema for `location.template_stack`
56 |
57 | Optional:
58 |
59 | - `name` (String) The template stack.
60 | - `ngfw_device` (String) The NGFW device.
61 | - `panorama_device` (String) The panorama device.
62 |
63 |
64 |
65 |
66 | ### Nested Schema for `dns_settings`
67 |
68 | Optional:
69 |
70 | - `servers` (Attributes) (see [below for nested schema](#nestedatt--dns_settings--servers))
71 |
72 |
73 | ### Nested Schema for `dns_settings.servers`
74 |
75 | Optional:
76 |
77 | - `primary` (String) Primary DNS server IP address
78 | - `secondary` (String) Secondary DNS server IP address
--------------------------------------------------------------------------------
/docs/data-sources/file_blocking_security_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_file_blocking_security_profile Data Source - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_file_blocking_security_profile (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `description` (String) Profile description.
26 | - `disable_override` (String) Disable object override in child device groups.
27 | - `rules` (Attributes List) List of rules. (see [below for nested schema](#nestedatt--rules))
28 |
29 |
30 | ### Nested Schema for `location`
31 |
32 | Optional:
33 |
34 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
35 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
36 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
37 |
38 |
39 | ### Nested Schema for `location.device_group`
40 |
41 | Optional:
42 |
43 | - `name` (String) Device Group name
44 | - `panorama_device` (String) Panorama device name
45 |
46 |
47 |
48 | ### Nested Schema for `location.shared`
49 |
50 |
51 |
52 | ### Nested Schema for `location.vsys`
53 |
54 | Optional:
55 |
56 | - `name` (String) The Virtual System name
57 | - `ngfw_device` (String) The NGFW device name
58 |
59 |
60 |
61 |
62 | ### Nested Schema for `rules`
63 |
64 | Required:
65 |
66 | - `name` (String)
67 |
68 | Optional:
69 |
70 | - `action` (String) Action to take on matching files.
71 | - `applications` (List of String) List of applications.
72 | - `direction` (String) File transfer direction.
73 | - `file_types` (List of String) List of file types.
--------------------------------------------------------------------------------
/docs/data-sources/ike_crypto_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_ike_crypto_profile Data Source - panos"
4 | subcategory: Network
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_ike_crypto_profile (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `authentication_multiple` (Number) IKEv2 SA reauthentication interval equals authetication-multiple * rekey-lifetime; 0 means reauthentication disabled
26 | - `dh_group` (List of String)
27 | - `encryption` (List of String)
28 | - `hash` (List of String)
29 | - `lifetime` (Attributes) (see [below for nested schema](#nestedatt--lifetime))
30 |
31 |
32 | ### Nested Schema for `location`
33 |
34 | Optional:
35 |
36 | - `ngfw` (Attributes) Located in a specific NGFW device (see [below for nested schema](#nestedatt--location--ngfw))
37 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
38 | - `template_stack` (Attributes) Located in a specific template stack (see [below for nested schema](#nestedatt--location--template_stack))
39 |
40 |
41 | ### Nested Schema for `location.ngfw`
42 |
43 | Optional:
44 |
45 | - `ngfw_device` (String) The NGFW device
46 |
47 |
48 |
49 | ### Nested Schema for `location.template`
50 |
51 | Optional:
52 |
53 | - `name` (String) Specific Panorama template
54 | - `ngfw_device` (String) The NGFW device
55 | - `panorama_device` (String) Specific Panorama device
56 |
57 |
58 |
59 | ### Nested Schema for `location.template_stack`
60 |
61 | Optional:
62 |
63 | - `name` (String) Specific Panorama template stack
64 | - `ngfw_device` (String) The NGFW device
65 | - `panorama_device` (String) Specific Panorama device
66 |
67 |
68 |
69 |
70 | ### Nested Schema for `lifetime`
71 |
72 | Optional:
73 |
74 | - `days` (Number) specify lifetime in days
75 | - `hours` (Number) specify lifetime in hours
76 | - `minutes` (Number) specify lifetime in minutes
77 | - `seconds` (Number) specify lifetime in seconds
--------------------------------------------------------------------------------
/docs/data-sources/interface_management_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_interface_management_profile Data Source - panos"
4 | subcategory: Network
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_interface_management_profile (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `http` (Boolean)
26 | - `http_ocsp` (Boolean)
27 | - `https` (Boolean)
28 | - `permitted_ips` (Attributes List) (see [below for nested schema](#nestedatt--permitted_ips))
29 | - `ping` (Boolean)
30 | - `response_pages` (Boolean)
31 | - `snmp` (Boolean)
32 | - `ssh` (Boolean)
33 | - `telnet` (Boolean)
34 | - `userid_service` (Boolean)
35 | - `userid_syslog_listener_ssl` (Boolean)
36 | - `userid_syslog_listener_udp` (Boolean)
37 |
38 |
39 | ### Nested Schema for `location`
40 |
41 | Optional:
42 |
43 | - `ngfw` (Attributes) Located in a specific NGFW device (see [below for nested schema](#nestedatt--location--ngfw))
44 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
45 | - `template_stack` (Attributes) Located in a specific template stack (see [below for nested schema](#nestedatt--location--template_stack))
46 |
47 |
48 | ### Nested Schema for `location.ngfw`
49 |
50 | Optional:
51 |
52 | - `ngfw_device` (String) The NGFW device
53 |
54 |
55 |
56 | ### Nested Schema for `location.template`
57 |
58 | Optional:
59 |
60 | - `name` (String) Specific Panorama template
61 | - `ngfw_device` (String) The NGFW device
62 | - `panorama_device` (String) Specific Panorama device
63 |
64 |
65 |
66 | ### Nested Schema for `location.template_stack`
67 |
68 | Optional:
69 |
70 | - `name` (String) Specific Panorama template stack
71 | - `ngfw_device` (String) The NGFW device
72 | - `panorama_device` (String) Specific Panorama device
73 |
74 |
75 |
76 |
77 | ### Nested Schema for `permitted_ips`
78 |
79 | Required:
80 |
81 | - `name` (String)
--------------------------------------------------------------------------------
/docs/data-sources/ipsec_crypto_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_ipsec_crypto_profile Data Source - panos"
4 | subcategory: Network
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_ipsec_crypto_profile (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `ah` (Attributes) (see [below for nested schema](#nestedatt--ah))
26 | - `dh_group` (String) phase-2 DH group (PFS DH group)
27 | - `esp` (Attributes) (see [below for nested schema](#nestedatt--esp))
28 | - `lifesize` (Attributes) (see [below for nested schema](#nestedatt--lifesize))
29 | - `lifetime` (Attributes) (see [below for nested schema](#nestedatt--lifetime))
30 |
31 |
32 | ### Nested Schema for `location`
33 |
34 | Optional:
35 |
36 | - `ngfw` (Attributes) Located in a specific NGFW device (see [below for nested schema](#nestedatt--location--ngfw))
37 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
38 | - `template_stack` (Attributes) Located in a specific template stack (see [below for nested schema](#nestedatt--location--template_stack))
39 |
40 |
41 | ### Nested Schema for `location.ngfw`
42 |
43 | Optional:
44 |
45 | - `ngfw_device` (String) The NGFW device
46 |
47 |
48 |
49 | ### Nested Schema for `location.template`
50 |
51 | Optional:
52 |
53 | - `name` (String) Specific Panorama template
54 | - `ngfw_device` (String) The NGFW device
55 | - `panorama_device` (String) Specific Panorama device
56 |
57 |
58 |
59 | ### Nested Schema for `location.template_stack`
60 |
61 | Optional:
62 |
63 | - `name` (String) Specific Panorama template stack
64 | - `ngfw_device` (String) The NGFW device
65 | - `panorama_device` (String) Specific Panorama device
66 |
67 |
68 |
69 |
70 | ### Nested Schema for `ah`
71 |
72 | Optional:
73 |
74 | - `authentication` (List of String)
75 |
76 |
77 |
78 | ### Nested Schema for `esp`
79 |
80 | Optional:
81 |
82 | - `authentication` (List of String)
83 | - `encryption` (List of String)
84 |
85 |
86 |
87 | ### Nested Schema for `lifesize`
88 |
89 | Optional:
90 |
91 | - `gb` (Number) specify lifesize in gigabytes(GB)
92 | - `kb` (Number) specify lifesize in kilobytes(KB)
93 | - `mb` (Number) specify lifesize in megabytes(MB)
94 | - `tb` (Number) specify lifesize in terabytes(TB)
95 |
96 |
97 |
98 | ### Nested Schema for `lifetime`
99 |
100 | Optional:
101 |
102 | - `days` (Number) specify lifetime in days
103 | - `hours` (Number) specify lifetime in hours
104 | - `minutes` (Number) specify lifetime in minutes
105 | - `seconds` (Number) specify lifetime in seconds
--------------------------------------------------------------------------------
/docs/data-sources/ldap_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_ldap_profile Data Source - panos"
4 | subcategory: Device
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_ldap_profile (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `base` (String) Default base distinguished name (DN) to use for searches
26 | - `bind_dn` (String) bind distinguished name
27 | - `bind_password` (String, Sensitive) bind password
28 | - `bind_timelimit` (Number) number of seconds to use for connecting to servers
29 | - `disabled` (Boolean)
30 | - `ldap_type` (String)
31 | - `retry_interval` (Number) Interval (seconds) for reconnecting LDAP server
32 | - `servers` (Attributes List) (see [below for nested schema](#nestedatt--servers))
33 | - `ssl` (Boolean)
34 | - `timelimit` (Number) number of seconds to wait for performing searches
35 | - `verify_server_certificate` (Boolean) Verify server certificate for SSL sessions
36 |
37 | ### Read-Only
38 |
39 | - `encrypted_values` (Map of String, Sensitive)
40 |
41 |
42 | ### Nested Schema for `location`
43 |
44 | Optional:
45 |
46 | - `panorama` (Attributes) Located in a panorama. (see [below for nested schema](#nestedatt--location--panorama))
47 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
48 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
49 | - `template_stack` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template_stack))
50 | - `template_stack_vsys` (Attributes) Located in a specific template, device and vsys. (see [below for nested schema](#nestedatt--location--template_stack_vsys))
51 | - `template_vsys` (Attributes) Located in a specific template, device and vsys. (see [below for nested schema](#nestedatt--location--template_vsys))
52 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
53 |
54 |
55 | ### Nested Schema for `location.panorama`
56 |
57 |
58 |
59 | ### Nested Schema for `location.shared`
60 |
61 |
62 |
63 | ### Nested Schema for `location.template`
64 |
65 | Optional:
66 |
67 | - `name` (String) Specific Panorama template
68 | - `panorama_device` (String) Specific Panorama device
69 |
70 |
71 |
72 | ### Nested Schema for `location.template_stack`
73 |
74 | Optional:
75 |
76 | - `name` (String) The template stack
77 | - `panorama_device` (String) Specific Panorama device
78 |
79 |
80 |
81 | ### Nested Schema for `location.template_stack_vsys`
82 |
83 | Optional:
84 |
85 | - `ngfw_device` (String) The NGFW device
86 | - `panorama_device` (String) Specific Panorama device
87 | - `template_stack` (String) The template stack
88 | - `vsys` (String) The vsys.
89 |
90 |
91 |
92 | ### Nested Schema for `location.template_vsys`
93 |
94 | Optional:
95 |
96 | - `ngfw_device` (String) The NGFW device
97 | - `panorama_device` (String) Specific Panorama device
98 | - `template` (String) Specific Panorama template
99 | - `vsys` (String) The vsys.
100 |
101 |
102 |
103 | ### Nested Schema for `location.vsys`
104 |
105 | Optional:
106 |
107 | - `name` (String) The Virtual System name
108 | - `ngfw_device` (String) The NGFW device name
109 |
110 |
111 |
112 |
113 | ### Nested Schema for `servers`
114 |
115 | Required:
116 |
117 | - `name` (String)
118 |
119 | Optional:
120 |
121 | - `address` (String) ldap server ip or host name.
122 | - `port` (Number) default 389 for LDAP, 636 for LDAPS
--------------------------------------------------------------------------------
/docs/data-sources/log_forwarding_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_log_forwarding_profile Data Source - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_log_forwarding_profile (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `description` (String)
26 | - `disable_override` (String) disable object override in child device groups
27 | - `enhanced_application_logging` (Boolean) Enabling enhanced-application-logging
28 | - `match_list` (Attributes List) (see [below for nested schema](#nestedatt--match_list))
29 |
30 |
31 | ### Nested Schema for `location`
32 |
33 | Optional:
34 |
35 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
36 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
37 |
38 |
39 | ### Nested Schema for `location.device_group`
40 |
41 | Optional:
42 |
43 | - `name` (String) Device Group name
44 | - `panorama_device` (String) Panorama device name
45 |
46 |
47 |
48 | ### Nested Schema for `location.shared`
49 |
50 |
51 |
52 |
53 | ### Nested Schema for `match_list`
54 |
55 | Required:
56 |
57 | - `name` (String)
58 |
59 | Optional:
60 |
61 | - `action_desc` (String)
62 | - `actions` (Attributes List) (see [below for nested schema](#nestedatt--match_list--actions))
63 | - `filter` (String)
64 | - `log_type` (String) Pick log type
65 | - `quarantine` (Boolean)
66 | - `send_email` (List of String)
67 | - `send_http` (List of String)
68 | - `send_snmptrap` (List of String)
69 | - `send_syslog` (List of String)
70 | - `send_to_panorama` (Boolean)
71 |
72 |
73 | ### Nested Schema for `match_list.actions`
74 |
75 | Required:
76 |
77 | - `name` (String)
78 |
79 | Optional:
80 |
81 | - `type` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type))
82 |
83 |
84 | ### Nested Schema for `match_list.actions.type`
85 |
86 | Optional:
87 |
88 | - `integration` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type--integration))
89 | - `tagging` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type--tagging))
90 |
91 |
92 | ### Nested Schema for `match_list.actions.type.integration`
93 |
94 | Optional:
95 |
96 | - `action` (String)
97 |
98 |
99 |
100 | ### Nested Schema for `match_list.actions.type.tagging`
101 |
102 | Optional:
103 |
104 | - `action` (String)
105 | - `registration` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type--tagging--registration))
106 | - `tags` (List of String)
107 | - `target` (String)
108 | - `timeout` (Number) timeout in minutes
109 |
110 |
111 | ### Nested Schema for `match_list.actions.type.tagging.registration`
112 |
113 | Optional:
114 |
115 | - `localhost` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type--tagging--registration--localhost))
116 | - `panorama` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type--tagging--registration--panorama))
117 | - `remote` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type--tagging--registration--remote))
118 |
119 |
120 | ### Nested Schema for `match_list.actions.type.tagging.registration.localhost`
121 |
122 |
123 |
124 | ### Nested Schema for `match_list.actions.type.tagging.registration.panorama`
125 |
126 |
127 |
128 | ### Nested Schema for `match_list.actions.type.tagging.registration.remote`
129 |
130 | Optional:
131 |
132 | - `http_profile` (String)
--------------------------------------------------------------------------------
/docs/data-sources/loopback_interface.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_loopback_interface Data Source - panos"
4 | subcategory: Network
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_loopback_interface (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `adjust_tcp_mss` (Attributes) (see [below for nested schema](#nestedatt--adjust_tcp_mss))
26 | - `comment` (String)
27 | - `interface_management_profile` (String) Interface management profile
28 | - `ip` (Attributes List) (see [below for nested schema](#nestedatt--ip))
29 | - `ipv6` (Attributes) (see [below for nested schema](#nestedatt--ipv6))
30 | - `mtu` (Number) Maximum Transfer Unit, up to 9216 in Jumbo-Frame mode, up to 1500 otherwise
31 | - `netflow_profile` (String) Netflow Server Profile
32 |
33 |
34 | ### Nested Schema for `location`
35 |
36 | Optional:
37 |
38 | - `ngfw` (Attributes) Located in a specific NGFW device (see [below for nested schema](#nestedatt--location--ngfw))
39 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
40 | - `template_stack` (Attributes) Located in a specific template stack (see [below for nested schema](#nestedatt--location--template_stack))
41 |
42 |
43 | ### Nested Schema for `location.ngfw`
44 |
45 | Optional:
46 |
47 | - `ngfw_device` (String) The NGFW device
48 |
49 |
50 |
51 | ### Nested Schema for `location.template`
52 |
53 | Optional:
54 |
55 | - `name` (String) Specific Panorama template
56 | - `ngfw_device` (String) The NGFW device
57 | - `panorama_device` (String) Specific Panorama device
58 |
59 |
60 |
61 | ### Nested Schema for `location.template_stack`
62 |
63 | Optional:
64 |
65 | - `name` (String) Specific Panorama template stack
66 | - `ngfw_device` (String) The NGFW device
67 | - `panorama_device` (String) Specific Panorama device
68 |
69 |
70 |
71 |
72 | ### Nested Schema for `adjust_tcp_mss`
73 |
74 | Optional:
75 |
76 | - `enable` (Boolean) Set if TCP MSS value should be reduced based on mtu
77 | - `ipv4_mss_adjustment` (Number) IPv4 MSS adjustment size (in bytes)
78 | - `ipv6_mss_adjustment` (Number) IPv6 MSS adjustment size (in bytes)
79 |
80 |
81 |
82 | ### Nested Schema for `ip`
83 |
84 | Required:
85 |
86 | - `name` (String)
87 |
88 |
89 |
90 | ### Nested Schema for `ipv6`
91 |
92 | Optional:
93 |
94 | - `address` (Attributes List) (see [below for nested schema](#nestedatt--ipv6--address))
95 | - `enabled` (Boolean) Enable IPv6 on the interface
96 | - `interface_id` (String)
97 |
98 |
99 | ### Nested Schema for `ipv6.address`
100 |
101 | Required:
102 |
103 | - `name` (String)
104 |
105 | Optional:
106 |
107 | - `anycast` (Attributes) (see [below for nested schema](#nestedatt--ipv6--address--anycast))
108 | - `enable_on_interface` (Boolean) configure this address on interface
109 | - `prefix` (Attributes) (see [below for nested schema](#nestedatt--ipv6--address--prefix))
110 |
111 |
112 | ### Nested Schema for `ipv6.address.anycast`
113 |
114 |
115 |
116 | ### Nested Schema for `ipv6.address.prefix`
--------------------------------------------------------------------------------
/docs/data-sources/security_profile_group.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_security_profile_group Data Source - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_security_profile_group (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `data_filtering` (List of String)
26 | - `disable_override` (String) disable object override in child device groups
27 | - `file_blocking` (List of String)
28 | - `gtp` (List of String)
29 | - `sctp` (List of String)
30 | - `spyware` (List of String)
31 | - `url_filtering` (List of String)
32 | - `virus` (List of String)
33 | - `vulnerability` (List of String)
34 | - `wildfire_analysis` (List of String)
35 |
36 |
37 | ### Nested Schema for `location`
38 |
39 | Optional:
40 |
41 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
42 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
43 |
44 |
45 | ### Nested Schema for `location.device_group`
46 |
47 | Optional:
48 |
49 | - `name` (String) Device Group name
50 | - `panorama_device` (String) Panorama device name
51 |
52 |
53 |
54 | ### Nested Schema for `location.shared`
--------------------------------------------------------------------------------
/docs/data-sources/service.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_service Data Source - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_service (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `description` (String)
26 | - `disable_override` (String) disable object override in child device groups
27 | - `protocol` (Attributes) (see [below for nested schema](#nestedatt--protocol))
28 | - `tags` (List of String)
29 |
30 |
31 | ### Nested Schema for `location`
32 |
33 | Optional:
34 |
35 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
36 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
37 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
38 |
39 |
40 | ### Nested Schema for `location.device_group`
41 |
42 | Optional:
43 |
44 | - `name` (String) Device Group name
45 | - `panorama_device` (String) Panorama device name
46 |
47 |
48 |
49 | ### Nested Schema for `location.shared`
50 |
51 |
52 |
53 | ### Nested Schema for `location.vsys`
54 |
55 | Optional:
56 |
57 | - `name` (String) The Virtual System name
58 | - `ngfw_device` (String) The NGFW device name
59 |
60 |
61 |
62 |
63 | ### Nested Schema for `protocol`
64 |
65 | Optional:
66 |
67 | - `tcp` (Attributes) (see [below for nested schema](#nestedatt--protocol--tcp))
68 | - `udp` (Attributes) (see [below for nested schema](#nestedatt--protocol--udp))
69 |
70 |
71 | ### Nested Schema for `protocol.tcp`
72 |
73 | Optional:
74 |
75 | - `destination_port` (String)
76 | - `override` (Attributes) (see [below for nested schema](#nestedatt--protocol--tcp--override))
77 | - `source_port` (String)
78 |
79 |
80 | ### Nested Schema for `protocol.tcp.override`
81 |
82 | Optional:
83 |
84 | - `halfclose_timeout` (Number) tcp session half-close timeout value (in second)
85 | - `timeout` (Number) tcp session timeout value (in second)
86 | - `timewait_timeout` (Number) tcp session time-wait timeout value (in second)
87 |
88 |
89 |
90 |
91 | ### Nested Schema for `protocol.udp`
92 |
93 | Optional:
94 |
95 | - `destination_port` (String)
96 | - `override` (Attributes) (see [below for nested schema](#nestedatt--protocol--udp--override))
97 | - `source_port` (String)
98 |
99 |
100 | ### Nested Schema for `protocol.udp.override`
101 |
102 | Optional:
103 |
104 | - `timeout` (Number) udp session timeout value (in second)
--------------------------------------------------------------------------------
/docs/data-sources/service_group.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_service_group Data Source - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_service_group (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `disable_override` (String) disable object override in child device groups
26 | - `members` (List of String)
27 | - `tags` (List of String)
28 |
29 |
30 | ### Nested Schema for `location`
31 |
32 | Optional:
33 |
34 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
35 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
36 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
37 |
38 |
39 | ### Nested Schema for `location.device_group`
40 |
41 | Optional:
42 |
43 | - `name` (String) Device Group name
44 | - `panorama_device` (String) Panorama device name
45 |
46 |
47 |
48 | ### Nested Schema for `location.shared`
49 |
50 |
51 |
52 | ### Nested Schema for `location.vsys`
53 |
54 | Optional:
55 |
56 | - `name` (String) The Virtual System name
57 | - `ngfw_device` (String) The NGFW device name
--------------------------------------------------------------------------------
/docs/data-sources/ssl_decrypt.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_ssl_decrypt Data Source - panos"
4 | subcategory: Device
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_ssl_decrypt (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 |
22 | ### Optional
23 |
24 | - `disabled_ssl_exclude_cert_from_predefined` (List of String) List of disabled predefined exclude certificates.
25 | - `forward_trust_certificate_ecdsa` (String) Forward trust ECDSA certificate.
26 | - `forward_trust_certificate_rsa` (String) Forward trust RSA certificate.
27 | - `forward_untrust_certificate_ecdsa` (String) Forward untrust ECDSA certificate.
28 | - `forward_untrust_certificate_rsa` (String) Forward untrust RSA certificate.
29 | - `root_ca_exclude_list` (List of String) List of root CA excludes.
30 | - `ssl_exclude_cert` (Attributes List) List of SSL decrypt exclude certificates specs (specified below). (see [below for nested schema](#nestedatt--ssl_exclude_cert))
31 | - `trusted_root_ca` (List of String) List of trusted root CAs.
32 |
33 |
34 | ### Nested Schema for `location`
35 |
36 | Optional:
37 |
38 | - `panorama` (Attributes) Located in a panorama. (see [below for nested schema](#nestedatt--location--panorama))
39 | - `shared` (Attributes) Located in shared. (see [below for nested schema](#nestedatt--location--shared))
40 | - `template` (Attributes) Located in a specific template. (see [below for nested schema](#nestedatt--location--template))
41 | - `template_stack` (Attributes) Located in a specific template stack. (see [below for nested schema](#nestedatt--location--template_stack))
42 | - `template_stack_vsys` (Attributes) Located in a specific template stack, device and vsys. (see [below for nested schema](#nestedatt--location--template_stack_vsys))
43 | - `template_vsys` (Attributes) Located in a specific template, device and vsys. (see [below for nested schema](#nestedatt--location--template_vsys))
44 |
45 |
46 | ### Nested Schema for `location.panorama`
47 |
48 |
49 |
50 | ### Nested Schema for `location.shared`
51 |
52 |
53 |
54 | ### Nested Schema for `location.template`
55 |
56 | Optional:
57 |
58 | - `name` (String) The template.
59 | - `panorama_device` (String) The panorama device.
60 |
61 |
62 |
63 | ### Nested Schema for `location.template_stack`
64 |
65 | Optional:
66 |
67 | - `name` (String) The template stack.
68 | - `panorama_device` (String) The panorama device.
69 |
70 |
71 |
72 | ### Nested Schema for `location.template_stack_vsys`
73 |
74 | Optional:
75 |
76 | - `ngfw_device` (String) The NGFW device.
77 | - `panorama_device` (String) The panorama device.
78 | - `template_stack` (String) The template stack.
79 | - `vsys` (String) The vsys.
80 |
81 |
82 |
83 | ### Nested Schema for `location.template_vsys`
84 |
85 | Optional:
86 |
87 | - `ngfw_device` (String) The NGFW device.
88 | - `panorama_device` (String) The panorama device.
89 | - `template` (String) The template.
90 | - `vsys` (String) The vsys.
91 |
92 |
93 |
94 |
95 | ### Nested Schema for `ssl_exclude_cert`
96 |
97 | Required:
98 |
99 | - `name` (String)
100 |
101 | Optional:
102 |
103 | - `description` (String) The description.
104 | - `exclude` (Boolean) Exclude or not.
--------------------------------------------------------------------------------
/docs/data-sources/ssl_tls_service_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_ssl_tls_service_profile Data Source - panos"
4 | subcategory: Device
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_ssl_tls_service_profile (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `certificate` (String) SSL certificate file name
26 | - `protocol_settings` (Attributes) (see [below for nested schema](#nestedatt--protocol_settings))
27 |
28 |
29 | ### Nested Schema for `location`
30 |
31 | Optional:
32 |
33 | - `panorama` (Attributes) Located in a panorama. (see [below for nested schema](#nestedatt--location--panorama))
34 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
35 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
36 | - `template_stack` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template_stack))
37 | - `template_stack_vsys` (Attributes) Located in a specific template, device and vsys. (see [below for nested schema](#nestedatt--location--template_stack_vsys))
38 | - `template_vsys` (Attributes) Located in a specific template, device and vsys. (see [below for nested schema](#nestedatt--location--template_vsys))
39 |
40 |
41 | ### Nested Schema for `location.panorama`
42 |
43 |
44 |
45 | ### Nested Schema for `location.shared`
46 |
47 |
48 |
49 | ### Nested Schema for `location.template`
50 |
51 | Optional:
52 |
53 | - `name` (String) Specific Panorama template
54 | - `panorama_device` (String) Specific Panorama device
55 |
56 |
57 |
58 | ### Nested Schema for `location.template_stack`
59 |
60 | Optional:
61 |
62 | - `name` (String) The template stack
63 | - `panorama_device` (String) Specific Panorama device
64 |
65 |
66 |
67 | ### Nested Schema for `location.template_stack_vsys`
68 |
69 | Optional:
70 |
71 | - `ngfw_device` (String) The NGFW device
72 | - `panorama_device` (String) Specific Panorama device
73 | - `template_stack` (String) The template stack
74 | - `vsys` (String) The vsys.
75 |
76 |
77 |
78 | ### Nested Schema for `location.template_vsys`
79 |
80 | Optional:
81 |
82 | - `ngfw_device` (String) The NGFW device
83 | - `panorama_device` (String) Specific Panorama device
84 | - `template` (String) Specific Panorama template
85 | - `vsys` (String) The vsys.
86 |
87 |
88 |
89 |
90 | ### Nested Schema for `protocol_settings`
91 |
92 | Optional:
93 |
94 | - `allow_algorithm_3des` (Boolean) Allow algorithm 3DES
95 | - `allow_algorithm_aes_128_cbc` (Boolean) Allow algorithm AES-128-CBC
96 | - `allow_algorithm_aes_128_gcm` (Boolean) Allow algorithm AES-128-GCM
97 | - `allow_algorithm_aes_256_cbc` (Boolean) Allow algorithm AES-256-CBC
98 | - `allow_algorithm_aes_256_gcm` (Boolean) Allow algorithm AES-256-GCM
99 | - `allow_algorithm_dhe` (Boolean) Allow algorithm DHE
100 | - `allow_algorithm_ecdhe` (Boolean) Allow algorithm ECDHE
101 | - `allow_algorithm_rc4` (Boolean) Allow algorithm RC4
102 | - `allow_algorithm_rsa` (Boolean) Allow algorithm RSA
103 | - `allow_authentication_sha1` (Boolean) Allow authentication SHA1
104 | - `allow_authentication_sha256` (Boolean) Allow authentication SHA256
105 | - `allow_authentication_sha384` (Boolean) Allow authentication SHA384
106 | - `max_version` (String) Maximum TLS protocol version. Valid values are 'tls1-0', 'tls1-1', 'tls1-2', and max (default).
107 | - `min_version` (String)
--------------------------------------------------------------------------------
/docs/data-sources/template.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_template Data Source - panos"
4 | subcategory: Panorama
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_template (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String) The name of the service.
22 |
23 | ### Optional
24 |
25 | - `description` (String) The description.
26 |
27 |
28 | ### Nested Schema for `location`
29 |
30 | Optional:
31 |
32 | - `panorama` (Attributes) Located in a specific Panorama. (see [below for nested schema](#nestedatt--location--panorama))
33 |
34 |
35 | ### Nested Schema for `location.panorama`
36 |
37 | Optional:
38 |
39 | - `panorama_device` (String) The Panorama device.
--------------------------------------------------------------------------------
/docs/data-sources/template_stack.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_template_stack Data Source - panos"
4 | subcategory: Panorama
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_template_stack (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String) The name of the service.
22 |
23 | ### Optional
24 |
25 | - `default_vsys` (String) Default virtual system
26 | - `description` (String) The description.
27 | - `devices` (List of String) List of devices
28 | - `templates` (List of String) List of templates
29 | - `user_group_source` (Attributes) (see [below for nested schema](#nestedatt--user_group_source))
30 |
31 |
32 | ### Nested Schema for `location`
33 |
34 | Optional:
35 |
36 | - `panorama` (Attributes) Located in a specific Panorama. (see [below for nested schema](#nestedatt--location--panorama))
37 |
38 |
39 | ### Nested Schema for `location.panorama`
40 |
41 | Optional:
42 |
43 | - `panorama_device` (String) The Panorama device.
44 |
45 |
46 |
47 |
48 | ### Nested Schema for `user_group_source`
49 |
50 | Optional:
51 |
52 | - `master_device` (String)
--------------------------------------------------------------------------------
/docs/data-sources/template_variable.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_template_variable Data Source - panos"
4 | subcategory: Panorama
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_template_variable (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String) The name of the service.
22 |
23 | ### Optional
24 |
25 | - `description` (String)
26 | - `type` (Attributes) (see [below for nested schema](#nestedatt--type))
27 |
28 |
29 | ### Nested Schema for `location`
30 |
31 | Optional:
32 |
33 | - `template` (Attributes) Located in a specific template. (see [below for nested schema](#nestedatt--location--template))
34 |
35 |
36 | ### Nested Schema for `location.template`
37 |
38 | Optional:
39 |
40 | - `name` (String) The template.
41 | - `panorama_device` (String) The panorama device.
42 |
43 |
44 |
45 |
46 | ### Nested Schema for `type`
47 |
48 | Optional:
49 |
50 | - `as_number` (String)
51 | - `device_id` (String)
52 | - `device_priority` (String)
53 | - `egress_max` (String)
54 | - `fqdn` (String)
55 | - `group_id` (String)
56 | - `interface` (String)
57 | - `ip_netmask` (String)
58 | - `ip_range` (String)
59 | - `link_tag` (String)
60 | - `qos_profile` (String)
--------------------------------------------------------------------------------
/docs/data-sources/tunnel_interface.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_tunnel_interface Data Source - panos"
4 | subcategory: Network
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_tunnel_interface (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `bonjour` (Attributes) (see [below for nested schema](#nestedatt--bonjour))
26 | - `comment` (String)
27 | - `df_ignore` (Boolean)
28 | - `interface_management_profile` (String) Interface management profile
29 | - `ip` (Attributes List) (see [below for nested schema](#nestedatt--ip))
30 | - `ipv6` (Attributes) (see [below for nested schema](#nestedatt--ipv6))
31 | - `link_tag` (String)
32 | - `mtu` (Number) Maximum Transfer Unit, up to 9216 in Jumbo-Frame mode, up to 1500 otherwise
33 | - `netflow_profile` (String) Netflow Server Profile
34 |
35 |
36 | ### Nested Schema for `location`
37 |
38 | Optional:
39 |
40 | - `ngfw` (Attributes) Located in a specific NGFW device (see [below for nested schema](#nestedatt--location--ngfw))
41 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
42 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
43 | - `template_stack` (Attributes) Located in a specific template stack (see [below for nested schema](#nestedatt--location--template_stack))
44 |
45 |
46 | ### Nested Schema for `location.ngfw`
47 |
48 | Optional:
49 |
50 | - `ngfw_device` (String) The NGFW device
51 |
52 |
53 |
54 | ### Nested Schema for `location.shared`
55 |
56 |
57 |
58 | ### Nested Schema for `location.template`
59 |
60 | Optional:
61 |
62 | - `name` (String) Specific Panorama template
63 | - `ngfw_device` (String) The NGFW device
64 | - `panorama_device` (String) Specific Panorama device
65 | - `vsys` (String)
66 |
67 |
68 |
69 | ### Nested Schema for `location.template_stack`
70 |
71 | Optional:
72 |
73 | - `name` (String) Specific Panorama template stack
74 | - `ngfw_device` (String) The NGFW device
75 | - `panorama_device` (String) Specific Panorama device
76 |
77 |
78 |
79 |
80 | ### Nested Schema for `bonjour`
81 |
82 | Optional:
83 |
84 | - `enable` (Boolean) Set to support Bonjour service
85 | - `group_id` (Number) default 0: NO-Group
86 | - `ttl_check` (Boolean) Set to check and update TTL
87 |
88 |
89 |
90 | ### Nested Schema for `ip`
91 |
92 | Required:
93 |
94 | - `name` (String)
95 |
96 |
97 |
98 | ### Nested Schema for `ipv6`
99 |
100 | Optional:
101 |
102 | - `address` (Attributes List) (see [below for nested schema](#nestedatt--ipv6--address))
103 | - `enabled` (Boolean) Enable IPv6 on the interface
104 | - `interface_id` (String)
105 |
106 |
107 | ### Nested Schema for `ipv6.address`
108 |
109 | Required:
110 |
111 | - `name` (String)
112 |
113 | Optional:
114 |
115 | - `anycast` (Attributes) (see [below for nested schema](#nestedatt--ipv6--address--anycast))
116 | - `enable_on_interface` (Boolean) configure this address on interface
117 | - `prefix` (Attributes) (see [below for nested schema](#nestedatt--ipv6--address--prefix))
118 |
119 |
120 | ### Nested Schema for `ipv6.address.anycast`
121 |
122 |
123 |
124 | ### Nested Schema for `ipv6.address.prefix`
--------------------------------------------------------------------------------
/docs/data-sources/wildfire_analysis_security_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_wildfire_analysis_security_profile Data Source - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_wildfire_analysis_security_profile (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `description` (String)
26 | - `disable_override` (String) disable object override in child device groups
27 | - `rules` (Attributes List) (see [below for nested schema](#nestedatt--rules))
28 |
29 |
30 | ### Nested Schema for `location`
31 |
32 | Optional:
33 |
34 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
35 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
36 |
37 |
38 | ### Nested Schema for `location.device_group`
39 |
40 | Optional:
41 |
42 | - `name` (String) Device Group name
43 | - `panorama_device` (String) Panorama device name
44 |
45 |
46 |
47 | ### Nested Schema for `location.shared`
48 |
49 |
50 |
51 |
52 | ### Nested Schema for `rules`
53 |
54 | Required:
55 |
56 | - `name` (String)
57 |
58 | Optional:
59 |
60 | - `analysis` (String)
61 | - `application` (List of String)
62 | - `direction` (String)
63 | - `file_type` (List of String)
--------------------------------------------------------------------------------
/docs/data-sources/zone.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_zone Data Source - panos"
4 | subcategory: Network
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_zone (Data Source)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `device_acl` (Attributes) (see [below for nested schema](#nestedatt--device_acl))
26 | - `enable_device_identification` (Boolean)
27 | - `enable_user_identification` (Boolean)
28 | - `network` (Attributes) (see [below for nested schema](#nestedatt--network))
29 | - `user_acl` (Attributes) (see [below for nested schema](#nestedatt--user_acl))
30 |
31 |
32 | ### Nested Schema for `location`
33 |
34 | Optional:
35 |
36 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
37 | - `template_stack` (Attributes) Located in a specific template stack (see [below for nested schema](#nestedatt--location--template_stack))
38 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
39 |
40 |
41 | ### Nested Schema for `location.template`
42 |
43 | Optional:
44 |
45 | - `name` (String) Specific Panorama template
46 | - `ngfw_device` (String) The NGFW device
47 | - `panorama_device` (String) Specific Panorama device
48 | - `vsys` (String) The vsys.
49 |
50 |
51 |
52 | ### Nested Schema for `location.template_stack`
53 |
54 | Optional:
55 |
56 | - `name` (String) Specific Panorama template stack
57 | - `ngfw_device` (String) The NGFW device
58 | - `panorama_device` (String) Specific Panorama device
59 |
60 |
61 |
62 | ### Nested Schema for `location.vsys`
63 |
64 | Optional:
65 |
66 | - `name` (String) The Virtual System name
67 | - `ngfw_device` (String) The NGFW device name
68 |
69 |
70 |
71 |
72 | ### Nested Schema for `device_acl`
73 |
74 | Optional:
75 |
76 | - `exclude_list` (List of String)
77 | - `include_list` (List of String)
78 |
79 |
80 |
81 | ### Nested Schema for `network`
82 |
83 | Optional:
84 |
85 | - `enable_packet_buffer_protection` (Boolean)
86 | - `external` (List of String)
87 | - `layer2` (List of String)
88 | - `layer3` (List of String)
89 | - `log_setting` (String) Log setting for forwarding scan logs
90 | - `net_inspection` (Boolean)
91 | - `tap` (List of String)
92 | - `tunnel` (Attributes) (see [below for nested schema](#nestedatt--network--tunnel))
93 | - `virtual_wire` (List of String)
94 | - `zone_protection_profile` (String) Zone protection profile
95 |
96 |
97 | ### Nested Schema for `network.tunnel`
98 |
99 |
100 |
101 |
102 | ### Nested Schema for `user_acl`
103 |
104 | Optional:
105 |
106 | - `exclude_list` (List of String)
107 | - `include_list` (List of String)
--------------------------------------------------------------------------------
/docs/ephemeral-resources/api_key.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_api_key Ephemeral Resource - panos"
4 | subcategory:
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_api_key (Ephemeral Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | # Allows you to generate an API key based on the provided username and password for the `panos_api_key` ephemeral resource.
17 | # Note: The current implementation still requires you to provide a username/password when configuring the provider.
18 | # If you use the same admin account username/password within the provider configuration and the ephemeral resource,
19 | # you will not be able to use the same provider with other resources. The reason is that when we generate an API key
20 | # with the `panos_api_key` ephemeral resource, the old tokens are invalidated automatically (i.e., the token for the
21 | # provider itself). To avoid conflicts, consider using different credentials for the provider configuration and the
22 | # ephemeral resource.
23 |
24 | # Use cases:
25 | # - Store short lived API keys in a Cloud Key Management Service which will also support ephemeral resources
26 | # - Dynamically configure diffferent instances of panos provider instances bound to different admin accounts
27 |
28 | provider "panos" {
29 | hostname = ""
30 | username = ""
31 | password = ""
32 | }
33 |
34 | ephemeral "panos_api_key" "example" {
35 | username = ""
36 | password = ""
37 | }
38 |
39 | # Use case 1: Configure a new provider with the new API key
40 | provider "panos" {
41 | hostname = ""
42 | api_key = ephemeral.panos_api_key.example.api_key
43 |
44 | alias = "user1"
45 | }
46 | ```
47 |
48 |
49 | ## Schema
50 |
51 | ### Required
52 |
53 | - `password` (String, Sensitive)
54 | - `username` (String)
55 |
56 | ### Optional
57 |
58 | - `api_key` (String, Sensitive)
--------------------------------------------------------------------------------
/docs/ephemeral-resources/vm_auth_key.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_vm_auth_key Ephemeral Resource - panos"
4 | subcategory: ""
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_vm_auth_key (Ephemeral Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | # Generate the VM Auth Key on Panorama
17 | # https://docs.paloaltonetworks.com/vm-series/11-0/vm-series-deployment/bootstrap-the-vm-series-firewall/generate-the-vm-auth-key-on-panorama
18 |
19 | ephemeral "panos_vm_auth_key" "this" {
20 | lifetime = 1
21 | }
22 | ```
23 |
24 |
25 | ## Schema
26 |
27 | ### Required
28 |
29 | - `lifetime` (Number)
30 |
31 | ### Optional
32 |
33 | - `expiration_date` (String)
34 | - `vm_auth_key` (String, Sensitive)
35 |
--------------------------------------------------------------------------------
/docs/functions/address_value.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "address_value function - panos"
4 | subcategory:
5 | description: |-
6 | Return value of a given address resource
7 | ---
8 |
9 | # function: address_value
10 |
11 | Given an address object resource, return its value.
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | # Example 1: Get the value of a single address object.
17 | output "foo_value" {
18 | value = provider::panos::address_value(panos_addresses.example.addresses.foo)
19 | }
20 |
21 | # Example 2: Transform all the address objects into a map of values.
22 | output "address_values" {
23 | value = { for k, v in panos_addresses.example.addresses : k => provider::panos::address_value(panos_addresses.example.addresses[k]) }
24 | }
25 |
26 | resource "panos_addresses" "example" {
27 | location = {
28 | device_group = {
29 | name = panos_device_group.example.name
30 | }
31 | }
32 |
33 | addresses = {
34 | "foo" = {
35 | description = "foo example"
36 | ip_netmask = "1.1.1.1"
37 | }
38 | "bar" = {
39 | description = "bar example"
40 | ip_netmask = "2.2.2.2"
41 | }
42 | }
43 | }
44 |
45 | resource "panos_device_group" "example" {
46 | location = {
47 | panorama = {}
48 | }
49 |
50 | name = "example-device-group"
51 | }
52 | ```
53 |
54 | ## Signature
55 |
56 |
57 | ```text
58 | address_value(address object) string
59 | ```
60 |
61 | ## Arguments
62 |
63 |
64 | 1. `address` (Object) address resource to get value from
--------------------------------------------------------------------------------
/docs/functions/generate_import_id.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "generate_import_id function - panos"
4 | subcategory:
5 | description: |-
6 | Generate Import ID
7 | ---
8 |
9 | # function: generate_import_id
10 |
11 | Generate Import ID for the given resource that can be used to import resources into the state.
12 |
13 |
14 |
15 | ## Signature
16 |
17 |
18 | ```text
19 | generate_import_id(resource_asn string, resource_data dynamic) string
20 | ```
21 |
22 | ## Arguments
23 |
24 |
25 | 1. `resource_asn` (String) Name of the resource
26 | 1. `resource_data` (Dynamic) Resource data
--------------------------------------------------------------------------------
/docs/guides/location.md:
--------------------------------------------------------------------------------
1 | ---
2 | page_title: 'Location Argument'
3 | ---
4 |
5 | The v2 provider adds a new 'location' argument to all resources and data sources, allowing users to explicitly specify the configuration's location. This guide lists available locations that you can use based on your requirements.
6 |
7 | #### Unmanaged Firewall
8 |
9 | ```hcl
10 | location = {
11 | ngfw_device = "localhost.localdomain"
12 | name = "vsys1"
13 | }
14 | ```
15 |
16 | #### Panorama
17 |
18 | ```hcl
19 | location = {
20 | panorama = {
21 | panorama_device = "localhost.localdomain"
22 | }
23 | }
24 | ```
25 |
26 | #### Panorama Managed Firewall
27 |
28 | ```hcl
29 | location = {
30 | from_panorama_shared = {}
31 | }
32 |
33 | location = {
34 | from_panorama_vsys = {
35 | vsys = "vsys1"
36 | }
37 | }
38 | ```
39 |
40 | #### Specific Device Group
41 |
42 | ```hcl
43 | location = {
44 | device_group = {
45 | panorama_device = "localhost.localdomain"
46 | name = ""
47 | }
48 | }
49 | ```
50 |
51 | #### Specific Template
52 |
53 | ```hcl
54 | location = {
55 | template = {
56 | vsys = "vsys1"
57 | panorama_device = "localhost.localdomain"
58 | name = ""
59 | ngfw_device = "localhost.localdomain"
60 | }
61 | }
62 | ```
63 |
64 | #### Specific Template Stack
65 |
66 | ```hcl
67 | location = {
68 | template_stack = {
69 | panorama_device = "localhost.localdomain"
70 | name = ""
71 | ngfw_device = "localhost.localdomain"
72 | }
73 | }
74 | ```
75 |
76 | #### Common (Panorama or NGFW)
77 |
78 | ```hcl
79 | location = {
80 | shared = {}
81 | }
82 | ```
83 |
--------------------------------------------------------------------------------
/docs/resources/address.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_address Resource - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_address (Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | resource "panos_address" "example" {
17 | location = {
18 | device_group = {
19 | name = panos_device_group.example.name
20 | }
21 | }
22 |
23 | for_each = tomap({
24 | "addr1" = {
25 | description = "example address 1"
26 | ip_netmask = "10.0.0.1/32"
27 | }
28 | "addr2" = {
29 | description = "example address 2"
30 | fqdn = "example.com"
31 | }
32 | })
33 |
34 | name = each.key
35 | description = each.value.description
36 | ip_netmask = lookup(each.value, "ip_netmask", null)
37 | fqdn = lookup(each.value, "fqdn", null)
38 | }
39 |
40 | resource "panos_device_group" "example" {
41 | location = {
42 | panorama = {}
43 | }
44 |
45 | name = "example-device-group"
46 | }
47 | ```
48 |
49 |
50 | ## Schema
51 |
52 | ### Required
53 |
54 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
55 | - `name` (String)
56 |
57 | ### Optional
58 |
59 | - `description` (String) The description.
60 | - `disable_override` (String) disable object override in child device groups
61 | - `fqdn` (String) The FQDN value.
62 | - `ip_netmask` (String) The IP netmask value.
63 | - `ip_range` (String) The IP range value.
64 | - `ip_wildcard` (String) The IP wildcard value.
65 | - `tags` (List of String) The administrative tags.
66 |
67 |
68 | ### Nested Schema for `location`
69 |
70 | Optional:
71 |
72 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
73 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
74 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
75 |
76 |
77 | ### Nested Schema for `location.device_group`
78 |
79 | Optional:
80 |
81 | - `name` (String) Device Group name
82 | - `panorama_device` (String) Panorama device name
83 |
84 |
85 |
86 | ### Nested Schema for `location.shared`
87 |
88 |
89 |
90 | ### Nested Schema for `location.vsys`
91 |
92 | Optional:
93 |
94 | - `name` (String) The Virtual System name
95 | - `ngfw_device` (String) The NGFW device name
96 |
97 | ## Import
98 |
99 | Import is supported using the following syntax:
100 |
101 | ```shell
102 | # An address can be imported by providing the following base64 encoded object as the ID
103 | # {
104 | # location = {
105 | # device_group = {
106 | # name = "example-device-group"
107 | # panorama_device = "localhost.localdomain"
108 | # }
109 | # }
110 | #
111 | # name = "addr1"
112 | # }
113 | terraform import panos_address.example $(echo '{"location":{"device_group":{"name":"example-device-group","panorama_device":"localhost.localdomain"}},"name":"addr1"}' | base64)
114 | ```
--------------------------------------------------------------------------------
/docs/resources/address_group.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_address_group Resource - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_address_group (Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | resource "panos_address_group" "example" {
17 | location = {
18 | device_group = {
19 | name = panos_device_group.example.name
20 | }
21 | }
22 |
23 | name = "example-address-group"
24 | description = "example address group"
25 | static = [for k in panos_address.example : k.name]
26 | }
27 |
28 | resource "panos_address" "example" {
29 | location = {
30 | device_group = {
31 | name = panos_device_group.example.name
32 | }
33 | }
34 |
35 | for_each = tomap({
36 | "addr1" = {
37 | description = "example address 1"
38 | ip_netmask = "10.0.0.1/32"
39 | }
40 | "addr2" = {
41 | description = "example address 2"
42 | fqdn = "example.com"
43 | }
44 | })
45 |
46 | name = each.key
47 | description = each.value.description
48 | ip_netmask = lookup(each.value, "ip_netmask", null)
49 | fqdn = lookup(each.value, "fqdn", null)
50 | }
51 |
52 | resource "panos_device_group" "example" {
53 | location = {
54 | panorama = {}
55 | }
56 |
57 | name = "example-device-group"
58 | }
59 | ```
60 |
61 |
62 | ## Schema
63 |
64 | ### Required
65 |
66 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
67 | - `name` (String)
68 |
69 | ### Optional
70 |
71 | - `description` (String)
72 | - `disable_override` (String) disable object override in child device groups
73 | - `dynamic` (Attributes) (see [below for nested schema](#nestedatt--dynamic))
74 | - `static` (List of String)
75 | - `tag` (List of String)
76 |
77 |
78 | ### Nested Schema for `location`
79 |
80 | Optional:
81 |
82 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
83 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
84 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
85 |
86 |
87 | ### Nested Schema for `location.device_group`
88 |
89 | Optional:
90 |
91 | - `name` (String) Device Group name
92 | - `panorama_device` (String) Panorama device name
93 |
94 |
95 |
96 | ### Nested Schema for `location.shared`
97 |
98 |
99 |
100 | ### Nested Schema for `location.vsys`
101 |
102 | Optional:
103 |
104 | - `name` (String) The Virtual System name
105 | - `ngfw_device` (String) The NGFW device name
106 |
107 |
108 |
109 |
110 | ### Nested Schema for `dynamic`
111 |
112 | Optional:
113 |
114 | - `filter` (String) tag-based filter
115 |
116 | ## Import
117 |
118 | Import is supported using the following syntax:
119 |
120 | ```shell
121 | # An address group can be imported by providing the following base64 encoded object as the ID
122 | # {
123 | # location = {
124 | # device_group = {
125 | # name = "example-device-group"
126 | # panorama_device = "localhost.localdomain"
127 | # }
128 | # }
129 | #
130 | # name = "example-address-group"
131 | # }
132 | terraform import panos_address_group.example $(echo '{"location":{"device_group":{"name":"example-device-group","panorama_device":"localhost.localdomain"}},"name":"example-address-group"}' | base64)
133 | ```
--------------------------------------------------------------------------------
/docs/resources/addresses.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_addresses Resource - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_addresses (Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | resource "panos_addresses" "example" {
17 | location = {
18 | device_group = {
19 | name = panos_device_group.example.name
20 | }
21 | }
22 |
23 | addresses = {
24 | "foo" = {
25 | description = "foo example"
26 | ip_netmask = "1.1.1.1"
27 | }
28 | "bar" = {
29 | description = "bar example"
30 | ip_netmask = "2.2.2.2"
31 | }
32 | }
33 | }
34 |
35 | resource "panos_device_group" "example" {
36 | location = {
37 | panorama = {}
38 | }
39 |
40 | name = "example-device-group"
41 | }
42 |
43 | # Provider function to get the address values
44 |
45 | # Example 1: Get the value of a single address object.
46 | output "foo_value" {
47 | value = provider::panos::address_value(panos_addresses.example.addresses.foo)
48 | }
49 |
50 | # Example 2: Transform all the address objects into a map of values.
51 | output "address_values" {
52 | value = { for k, v in panos_addresses.example.addresses : k => provider::panos::address_value(panos_addresses.example.addresses[k]) }
53 | }
54 | ```
55 |
56 |
57 | ## Schema
58 |
59 | ### Required
60 |
61 | - `addresses` (Attributes Map) (see [below for nested schema](#nestedatt--addresses))
62 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
63 |
64 |
65 | ### Nested Schema for `addresses`
66 |
67 | Optional:
68 |
69 | - `description` (String) The description.
70 | - `disable_override` (String) disable object override in child device groups
71 | - `fqdn` (String) The FQDN value.
72 | - `ip_netmask` (String) The IP netmask value.
73 | - `ip_range` (String) The IP range value.
74 | - `ip_wildcard` (String) The IP wildcard value.
75 | - `tags` (List of String) The administrative tags.
76 |
77 |
78 |
79 | ### Nested Schema for `location`
80 |
81 | Optional:
82 |
83 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
84 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
85 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
86 |
87 |
88 | ### Nested Schema for `location.device_group`
89 |
90 | Optional:
91 |
92 | - `name` (String) Device Group name
93 | - `panorama_device` (String) Panorama device name
94 |
95 |
96 |
97 | ### Nested Schema for `location.shared`
98 |
99 |
100 |
101 | ### Nested Schema for `location.vsys`
102 |
103 | Optional:
104 |
105 | - `name` (String) The Virtual System name
106 | - `ngfw_device` (String) The NGFW device name
107 |
108 | ## Import
109 |
110 | Import is supported using the following syntax:
111 |
112 | ```shell
113 | # Addresses can be imported by providing the following base64 encoded object as the ID
114 | # {
115 | # location = {
116 | # device_group = {
117 | # name = "example-device-group"
118 | # panorama_device = "localhost.localdomain"
119 | # }
120 | # }
121 | #
122 | # names = [
123 | # "foo",
124 | # "bar"
125 | # ]
126 | # }
127 | terraform import panos_addresses.example $(echo '{"location":{"device_group":{"name":"example-device-group","panorama_device":"localhost.localdomain"}},"names":["foo","bar"]}' | base64)
128 | ```
--------------------------------------------------------------------------------
/docs/resources/administrative_tag.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_administrative_tag Resource - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_administrative_tag (Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | resource "panos_administrative_tag" "example" {
17 | location = {
18 | device_group = {
19 | name = panos_device_group.example.name
20 | }
21 |
22 | }
23 |
24 | name = "foo"
25 | color = "color1"
26 | }
27 |
28 | resource "panos_device_group" "example" {
29 | location = {
30 | panorama = {}
31 | }
32 |
33 | name = "example-device-group"
34 | }
35 | ```
36 |
37 |
38 | ## Schema
39 |
40 | ### Required
41 |
42 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
43 | - `name` (String)
44 |
45 | ### Optional
46 |
47 | - `color` (String)
48 | - `comments` (String)
49 | - `disable_override` (String) disable object override in child device groups
50 |
51 |
52 | ### Nested Schema for `location`
53 |
54 | Optional:
55 |
56 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
57 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
58 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
59 |
60 |
61 | ### Nested Schema for `location.device_group`
62 |
63 | Optional:
64 |
65 | - `name` (String) Device Group name
66 | - `panorama_device` (String) Panorama device name
67 |
68 |
69 |
70 | ### Nested Schema for `location.shared`
71 |
72 |
73 |
74 | ### Nested Schema for `location.vsys`
75 |
76 | Optional:
77 |
78 | - `name` (String) The Virtual System name
79 | - `ngfw_device` (String) The NGFW device name
--------------------------------------------------------------------------------
/docs/resources/antivirus_security_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_antivirus_security_profile Resource - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_antivirus_security_profile (Resource)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `application_exceptions` (Attributes List) Application exceptions (see [below for nested schema](#nestedatt--application_exceptions))
26 | - `decoders` (Attributes List) Protocol decoders (see [below for nested schema](#nestedatt--decoders))
27 | - `description` (String) Profile description
28 | - `disable_override` (String) Disable object override in child device groups
29 | - `machine_learning_exceptions` (Attributes List) Exceptions for ML based file scans. (see [below for nested schema](#nestedatt--machine_learning_exceptions))
30 | - `machine_learning_models` (Attributes List) Machine learning models (see [below for nested schema](#nestedatt--machine_learning_models))
31 | - `packet_capture` (Boolean) Enable packet capture
32 | - `threat_exceptions` (Attributes List) Exceptions for specific threats (see [below for nested schema](#nestedatt--threat_exceptions))
33 | - `wfrt_hold_mode` (Boolean) Enable hold mode for WildFire real time signature lookup
34 |
35 |
36 | ### Nested Schema for `location`
37 |
38 | Optional:
39 |
40 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
41 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
42 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
43 |
44 |
45 | ### Nested Schema for `location.device_group`
46 |
47 | Optional:
48 |
49 | - `name` (String) Device Group name
50 | - `panorama_device` (String) Panorama device name
51 |
52 |
53 |
54 | ### Nested Schema for `location.shared`
55 |
56 |
57 |
58 | ### Nested Schema for `location.vsys`
59 |
60 | Optional:
61 |
62 | - `name` (String) The Virtual System name
63 | - `ngfw_device` (String) The NGFW device name
64 |
65 |
66 |
67 |
68 | ### Nested Schema for `application_exceptions`
69 |
70 | Required:
71 |
72 | - `name` (String)
73 |
74 | Optional:
75 |
76 | - `action` (String) Action for application exception. Valid values are: `default` (default), `allow`, `alert`, `drop`, `reset-client`, `reset-server`, or `reset-both`
77 |
78 |
79 |
80 | ### Nested Schema for `decoders`
81 |
82 | Required:
83 |
84 | - `name` (String)
85 |
86 | Optional:
87 |
88 | - `action` (String) Action for standard antivirus signatures. Valid values are: `default` (default), `allow`, `alert`, `drop`, `reset-client`, `reset-server`, or `reset-both`
89 | - `ml_action` (String) Action for malicious threats detected in real-time by the WildFire Inline ML models. Valid values are: `default` (default), `allow`, `alert`, `drop`, `reset-client`, `reset-server`, or `reset-both`
90 | - `wildfire_action` (String) Action for signatures generated by the WildFire system. Valid values are: `default` (default), `allow`, `alert`, `drop`, `reset-client`, `reset-server`, or `reset-both`
91 |
92 |
93 |
94 | ### Nested Schema for `machine_learning_exceptions`
95 |
96 | Required:
97 |
98 | - `name` (String)
99 |
100 | Optional:
101 |
102 | - `description` (String) Exception description
103 | - `filename` (String) File name to exclude from enforcement
104 |
105 |
106 |
107 | ### Nested Schema for `machine_learning_models`
108 |
109 | Required:
110 |
111 | - `name` (String)
112 |
113 | Optional:
114 |
115 | - `action` (String) Action for ML model antivirus signatures. Valid values are: `enable`, `enable(alert-only)`, or `disable`
116 |
117 |
118 |
119 | ### Nested Schema for `threat_exceptions`
120 |
121 | Required:
122 |
123 | - `name` (String)
--------------------------------------------------------------------------------
/docs/resources/application_group.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_application_group Resource - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_application_group (Resource)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `disable_override` (String) disable object override in child device groups
26 | - `members` (List of String)
27 |
28 |
29 | ### Nested Schema for `location`
30 |
31 | Optional:
32 |
33 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
34 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
35 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
36 |
37 |
38 | ### Nested Schema for `location.device_group`
39 |
40 | Optional:
41 |
42 | - `name` (String) Device Group name
43 | - `panorama_device` (String) Panorama device name
44 |
45 |
46 |
47 | ### Nested Schema for `location.shared`
48 |
49 |
50 |
51 | ### Nested Schema for `location.vsys`
52 |
53 | Optional:
54 |
55 | - `name` (String) The Virtual System name
56 | - `ngfw_device` (String) The NGFW device name
--------------------------------------------------------------------------------
/docs/resources/custom_url_category.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_custom_url_category Resource - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_custom_url_category (Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | resource "panos_custom_url_category" "name" {
17 | location = {
18 | device_group = {
19 | name = panos_device_group.example.name
20 | }
21 | }
22 |
23 | name = "foo"
24 | type = "URL List"
25 | list = [
26 | "test.com",
27 | "hello.com"
28 | ]
29 |
30 | }
31 |
32 | resource "panos_device_group" "example" {
33 | location = {
34 | panorama = {}
35 | }
36 |
37 | name = "example-device-group"
38 | }
39 | ```
40 |
41 |
42 | ## Schema
43 |
44 | ### Required
45 |
46 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
47 | - `name` (String)
48 |
49 | ### Optional
50 |
51 | - `description` (String)
52 | - `disable_override` (String) disable object override in child device groups
53 | - `list` (List of String)
54 | - `type` (String)
55 |
56 |
57 | ### Nested Schema for `location`
58 |
59 | Optional:
60 |
61 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
62 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
63 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
64 |
65 |
66 | ### Nested Schema for `location.device_group`
67 |
68 | Optional:
69 |
70 | - `name` (String) Device Group name
71 | - `panorama_device` (String) Panorama device name
72 |
73 |
74 |
75 | ### Nested Schema for `location.shared`
76 |
77 |
78 |
79 | ### Nested Schema for `location.vsys`
80 |
81 | Optional:
82 |
83 | - `name` (String) The Virtual System name
84 | - `ngfw_device` (String) The NGFW device name
--------------------------------------------------------------------------------
/docs/resources/device_group.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_device_group Resource - panos"
4 | subcategory: Panorama
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_device_group (Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | resource "panos_device_group" "example" {
17 | location = {
18 | panorama = {}
19 | }
20 |
21 | name = "example device group"
22 | }
23 | ```
24 |
25 |
26 | ## Schema
27 |
28 | ### Required
29 |
30 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
31 | - `name` (String) The name of the service.
32 |
33 | ### Optional
34 |
35 | - `authorization_code` (String) Authorization code
36 | - `description` (String) The description.
37 | - `devices` (Attributes List) List of devices (see [below for nested schema](#nestedatt--devices))
38 | - `templates` (List of String) List of reference templates
39 |
40 |
41 | ### Nested Schema for `location`
42 |
43 | Optional:
44 |
45 | - `panorama` (Attributes) Located in a specific Panorama. (see [below for nested schema](#nestedatt--location--panorama))
46 |
47 |
48 | ### Nested Schema for `location.panorama`
49 |
50 | Optional:
51 |
52 | - `panorama_device` (String) The Panorama device.
53 |
54 |
55 |
56 |
57 | ### Nested Schema for `devices`
58 |
59 | Required:
60 |
61 | - `name` (String)
62 |
63 | Optional:
64 |
65 | - `vsys` (List of String)
--------------------------------------------------------------------------------
/docs/resources/device_group_parent.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_device_group_parent Resource - panos"
4 | subcategory: Panorama
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_device_group_parent (Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | resource "panos_device_group" "parent" {
17 | location = {
18 | panorama = {}
19 | }
20 |
21 | name = "parent device group"
22 | }
23 |
24 | resource "panos_device_group" "child" {
25 | location = {
26 | panorama = {}
27 | }
28 |
29 | name = "child device group"
30 | }
31 |
32 | resource "panos_device_group_parent" "example" {
33 | location = {
34 | panorama = {}
35 | }
36 | device_group = panos_device_group.child.name
37 | parent = panos_device_group.parent.name
38 | }
39 | ```
40 |
41 |
42 | ## Schema
43 |
44 | ### Required
45 |
46 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
47 |
48 | ### Optional
49 |
50 | - `device_group` (String) The device group whose parent is being set
51 | - `parent` (String) The parent device group. Leaving it empty moves 'device-group' under 'shared'.
52 |
53 |
54 | ### Nested Schema for `location`
55 |
56 | Optional:
57 |
58 | - `panorama` (Attributes) Located in a specific Panorama. (see [below for nested schema](#nestedatt--location--panorama))
59 |
60 |
61 | ### Nested Schema for `location.panorama`
62 |
63 | Optional:
64 |
65 | - `panorama_device` (String) The Panorama device.
--------------------------------------------------------------------------------
/docs/resources/dns_settings.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_dns_settings Resource - panos"
4 | subcategory: Device
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_dns_settings (Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | resource "panos_dns_settings" "example" {
17 | location = {
18 | system = {}
19 | }
20 |
21 | dns_settings = {
22 | servers = {
23 | primary = "8.8.8.8"
24 | secondary = "1.1.1.1"
25 | }
26 | }
27 | }
28 | ```
29 |
30 |
31 | ## Schema
32 |
33 | ### Required
34 |
35 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
36 |
37 | ### Optional
38 |
39 | - `dns_settings` (Attributes) (see [below for nested schema](#nestedatt--dns_settings))
40 | - `fqdn_refresh_time` (Number) Seconds for Periodic Timer to refresh expired FQDN object entries
41 |
42 |
43 | ### Nested Schema for `location`
44 |
45 | Optional:
46 |
47 | - `system` (Attributes) Located in a system settings. (see [below for nested schema](#nestedatt--location--system))
48 | - `template` (Attributes) Located in a specific template. (see [below for nested schema](#nestedatt--location--template))
49 | - `template_stack` (Attributes) Located in a specific template stack. (see [below for nested schema](#nestedatt--location--template_stack))
50 |
51 |
52 | ### Nested Schema for `location.system`
53 |
54 | Optional:
55 |
56 | - `ngfw_device` (String) The NGFW device.
57 |
58 |
59 |
60 | ### Nested Schema for `location.template`
61 |
62 | Optional:
63 |
64 | - `name` (String) The template.
65 | - `ngfw_device` (String) The NGFW device.
66 | - `panorama_device` (String) The panorama device.
67 |
68 |
69 |
70 | ### Nested Schema for `location.template_stack`
71 |
72 | Optional:
73 |
74 | - `name` (String) The template stack.
75 | - `ngfw_device` (String) The NGFW device.
76 | - `panorama_device` (String) The panorama device.
77 |
78 |
79 |
80 |
81 | ### Nested Schema for `dns_settings`
82 |
83 | Optional:
84 |
85 | - `servers` (Attributes) (see [below for nested schema](#nestedatt--dns_settings--servers))
86 |
87 |
88 | ### Nested Schema for `dns_settings.servers`
89 |
90 | Optional:
91 |
92 | - `primary` (String) Primary DNS server IP address
93 | - `secondary` (String) Secondary DNS server IP address
--------------------------------------------------------------------------------
/docs/resources/file_blocking_security_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_file_blocking_security_profile Resource - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_file_blocking_security_profile (Resource)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `description` (String) Profile description.
26 | - `disable_override` (String) Disable object override in child device groups.
27 | - `rules` (Attributes List) List of rules. (see [below for nested schema](#nestedatt--rules))
28 |
29 |
30 | ### Nested Schema for `location`
31 |
32 | Optional:
33 |
34 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
35 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
36 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
37 |
38 |
39 | ### Nested Schema for `location.device_group`
40 |
41 | Optional:
42 |
43 | - `name` (String) Device Group name
44 | - `panorama_device` (String) Panorama device name
45 |
46 |
47 |
48 | ### Nested Schema for `location.shared`
49 |
50 |
51 |
52 | ### Nested Schema for `location.vsys`
53 |
54 | Optional:
55 |
56 | - `name` (String) The Virtual System name
57 | - `ngfw_device` (String) The NGFW device name
58 |
59 |
60 |
61 |
62 | ### Nested Schema for `rules`
63 |
64 | Required:
65 |
66 | - `name` (String)
67 |
68 | Optional:
69 |
70 | - `action` (String) Action to take on matching files.
71 | - `applications` (List of String) List of applications.
72 | - `direction` (String) File transfer direction.
73 | - `file_types` (List of String) List of file types.
--------------------------------------------------------------------------------
/docs/resources/ike_crypto_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_ike_crypto_profile Resource - panos"
4 | subcategory: Network
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_ike_crypto_profile (Resource)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `authentication_multiple` (Number) IKEv2 SA reauthentication interval equals authetication-multiple * rekey-lifetime; 0 means reauthentication disabled
26 | - `dh_group` (List of String)
27 | - `encryption` (List of String)
28 | - `hash` (List of String)
29 | - `lifetime` (Attributes) (see [below for nested schema](#nestedatt--lifetime))
30 |
31 |
32 | ### Nested Schema for `location`
33 |
34 | Optional:
35 |
36 | - `ngfw` (Attributes) Located in a specific NGFW device (see [below for nested schema](#nestedatt--location--ngfw))
37 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
38 | - `template_stack` (Attributes) Located in a specific template stack (see [below for nested schema](#nestedatt--location--template_stack))
39 |
40 |
41 | ### Nested Schema for `location.ngfw`
42 |
43 | Optional:
44 |
45 | - `ngfw_device` (String) The NGFW device
46 |
47 |
48 |
49 | ### Nested Schema for `location.template`
50 |
51 | Optional:
52 |
53 | - `name` (String) Specific Panorama template
54 | - `ngfw_device` (String) The NGFW device
55 | - `panorama_device` (String) Specific Panorama device
56 |
57 |
58 |
59 | ### Nested Schema for `location.template_stack`
60 |
61 | Optional:
62 |
63 | - `name` (String) Specific Panorama template stack
64 | - `ngfw_device` (String) The NGFW device
65 | - `panorama_device` (String) Specific Panorama device
66 |
67 |
68 |
69 |
70 | ### Nested Schema for `lifetime`
71 |
72 | Optional:
73 |
74 | - `days` (Number) specify lifetime in days
75 | - `hours` (Number) specify lifetime in hours
76 | - `minutes` (Number) specify lifetime in minutes
77 | - `seconds` (Number) specify lifetime in seconds
--------------------------------------------------------------------------------
/docs/resources/interface_management_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_interface_management_profile Resource - panos"
4 | subcategory: Network
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_interface_management_profile (Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | resource "panos_interface_management_profile" "example" {
17 | location = {
18 | template = {
19 | name = panos_template.example.name
20 | }
21 | }
22 |
23 | name = "example"
24 |
25 | http = true
26 | ping = true
27 |
28 | permitted_ips = [
29 | { name = "1.1.1.1" },
30 | { name = "2.2.2.2" }
31 | ]
32 |
33 | }
34 |
35 | resource "panos_template" "example" {
36 |
37 | location = {
38 | panorama = {}
39 | }
40 | name = "template-example"
41 | description = "example template"
42 |
43 | }
44 | ```
45 |
46 |
47 | ## Schema
48 |
49 | ### Required
50 |
51 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
52 | - `name` (String)
53 |
54 | ### Optional
55 |
56 | - `http` (Boolean)
57 | - `http_ocsp` (Boolean)
58 | - `https` (Boolean)
59 | - `permitted_ips` (Attributes List) (see [below for nested schema](#nestedatt--permitted_ips))
60 | - `ping` (Boolean)
61 | - `response_pages` (Boolean)
62 | - `snmp` (Boolean)
63 | - `ssh` (Boolean)
64 | - `telnet` (Boolean)
65 | - `userid_service` (Boolean)
66 | - `userid_syslog_listener_ssl` (Boolean)
67 | - `userid_syslog_listener_udp` (Boolean)
68 |
69 |
70 | ### Nested Schema for `location`
71 |
72 | Optional:
73 |
74 | - `ngfw` (Attributes) Located in a specific NGFW device (see [below for nested schema](#nestedatt--location--ngfw))
75 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
76 | - `template_stack` (Attributes) Located in a specific template stack (see [below for nested schema](#nestedatt--location--template_stack))
77 |
78 |
79 | ### Nested Schema for `location.ngfw`
80 |
81 | Optional:
82 |
83 | - `ngfw_device` (String) The NGFW device
84 |
85 |
86 |
87 | ### Nested Schema for `location.template`
88 |
89 | Optional:
90 |
91 | - `name` (String) Specific Panorama template
92 | - `ngfw_device` (String) The NGFW device
93 | - `panorama_device` (String) Specific Panorama device
94 |
95 |
96 |
97 | ### Nested Schema for `location.template_stack`
98 |
99 | Optional:
100 |
101 | - `name` (String) Specific Panorama template stack
102 | - `ngfw_device` (String) The NGFW device
103 | - `panorama_device` (String) Specific Panorama device
104 |
105 |
106 |
107 |
108 | ### Nested Schema for `permitted_ips`
109 |
110 | Required:
111 |
112 | - `name` (String)
--------------------------------------------------------------------------------
/docs/resources/ipsec_crypto_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_ipsec_crypto_profile Resource - panos"
4 | subcategory: Network
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_ipsec_crypto_profile (Resource)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `ah` (Attributes) (see [below for nested schema](#nestedatt--ah))
26 | - `dh_group` (String) phase-2 DH group (PFS DH group)
27 | - `esp` (Attributes) (see [below for nested schema](#nestedatt--esp))
28 | - `lifesize` (Attributes) (see [below for nested schema](#nestedatt--lifesize))
29 | - `lifetime` (Attributes) (see [below for nested schema](#nestedatt--lifetime))
30 |
31 |
32 | ### Nested Schema for `location`
33 |
34 | Optional:
35 |
36 | - `ngfw` (Attributes) Located in a specific NGFW device (see [below for nested schema](#nestedatt--location--ngfw))
37 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
38 | - `template_stack` (Attributes) Located in a specific template stack (see [below for nested schema](#nestedatt--location--template_stack))
39 |
40 |
41 | ### Nested Schema for `location.ngfw`
42 |
43 | Optional:
44 |
45 | - `ngfw_device` (String) The NGFW device
46 |
47 |
48 |
49 | ### Nested Schema for `location.template`
50 |
51 | Optional:
52 |
53 | - `name` (String) Specific Panorama template
54 | - `ngfw_device` (String) The NGFW device
55 | - `panorama_device` (String) Specific Panorama device
56 |
57 |
58 |
59 | ### Nested Schema for `location.template_stack`
60 |
61 | Optional:
62 |
63 | - `name` (String) Specific Panorama template stack
64 | - `ngfw_device` (String) The NGFW device
65 | - `panorama_device` (String) Specific Panorama device
66 |
67 |
68 |
69 |
70 | ### Nested Schema for `ah`
71 |
72 | Optional:
73 |
74 | - `authentication` (List of String)
75 |
76 |
77 |
78 | ### Nested Schema for `esp`
79 |
80 | Optional:
81 |
82 | - `authentication` (List of String)
83 | - `encryption` (List of String)
84 |
85 |
86 |
87 | ### Nested Schema for `lifesize`
88 |
89 | Optional:
90 |
91 | - `gb` (Number) specify lifesize in gigabytes(GB)
92 | - `kb` (Number) specify lifesize in kilobytes(KB)
93 | - `mb` (Number) specify lifesize in megabytes(MB)
94 | - `tb` (Number) specify lifesize in terabytes(TB)
95 |
96 |
97 |
98 | ### Nested Schema for `lifetime`
99 |
100 | Optional:
101 |
102 | - `days` (Number) specify lifetime in days
103 | - `hours` (Number) specify lifetime in hours
104 | - `minutes` (Number) specify lifetime in minutes
105 | - `seconds` (Number) specify lifetime in seconds
--------------------------------------------------------------------------------
/docs/resources/log_forwarding_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_log_forwarding_profile Resource - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_log_forwarding_profile (Resource)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `description` (String)
26 | - `disable_override` (String) disable object override in child device groups
27 | - `enhanced_application_logging` (Boolean) Enabling enhanced-application-logging
28 | - `match_list` (Attributes List) (see [below for nested schema](#nestedatt--match_list))
29 |
30 |
31 | ### Nested Schema for `location`
32 |
33 | Optional:
34 |
35 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
36 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
37 |
38 |
39 | ### Nested Schema for `location.device_group`
40 |
41 | Optional:
42 |
43 | - `name` (String) Device Group name
44 | - `panorama_device` (String) Panorama device name
45 |
46 |
47 |
48 | ### Nested Schema for `location.shared`
49 |
50 |
51 |
52 |
53 | ### Nested Schema for `match_list`
54 |
55 | Required:
56 |
57 | - `name` (String)
58 |
59 | Optional:
60 |
61 | - `action_desc` (String)
62 | - `actions` (Attributes List) (see [below for nested schema](#nestedatt--match_list--actions))
63 | - `filter` (String)
64 | - `log_type` (String) Pick log type
65 | - `quarantine` (Boolean)
66 | - `send_email` (List of String)
67 | - `send_http` (List of String)
68 | - `send_snmptrap` (List of String)
69 | - `send_syslog` (List of String)
70 | - `send_to_panorama` (Boolean)
71 |
72 |
73 | ### Nested Schema for `match_list.actions`
74 |
75 | Required:
76 |
77 | - `name` (String)
78 |
79 | Optional:
80 |
81 | - `type` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type))
82 |
83 |
84 | ### Nested Schema for `match_list.actions.type`
85 |
86 | Optional:
87 |
88 | - `integration` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type--integration))
89 | - `tagging` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type--tagging))
90 |
91 |
92 | ### Nested Schema for `match_list.actions.type.integration`
93 |
94 | Optional:
95 |
96 | - `action` (String)
97 |
98 |
99 |
100 | ### Nested Schema for `match_list.actions.type.tagging`
101 |
102 | Optional:
103 |
104 | - `action` (String)
105 | - `registration` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type--tagging--registration))
106 | - `tags` (List of String)
107 | - `target` (String)
108 | - `timeout` (Number) timeout in minutes
109 |
110 |
111 | ### Nested Schema for `match_list.actions.type.tagging.registration`
112 |
113 | Optional:
114 |
115 | - `localhost` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type--tagging--registration--localhost))
116 | - `panorama` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type--tagging--registration--panorama))
117 | - `remote` (Attributes) (see [below for nested schema](#nestedatt--match_list--actions--type--tagging--registration--remote))
118 |
119 |
120 | ### Nested Schema for `match_list.actions.type.tagging.registration.localhost`
121 |
122 |
123 |
124 | ### Nested Schema for `match_list.actions.type.tagging.registration.panorama`
125 |
126 |
127 |
128 | ### Nested Schema for `match_list.actions.type.tagging.registration.remote`
129 |
130 | Optional:
131 |
132 | - `http_profile` (String)
--------------------------------------------------------------------------------
/docs/resources/loopback_interface.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_loopback_interface Resource - panos"
4 | subcategory: Network
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_loopback_interface (Resource)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `adjust_tcp_mss` (Attributes) (see [below for nested schema](#nestedatt--adjust_tcp_mss))
26 | - `comment` (String)
27 | - `interface_management_profile` (String) Interface management profile
28 | - `ip` (Attributes List) (see [below for nested schema](#nestedatt--ip))
29 | - `ipv6` (Attributes) (see [below for nested schema](#nestedatt--ipv6))
30 | - `mtu` (Number) Maximum Transfer Unit, up to 9216 in Jumbo-Frame mode, up to 1500 otherwise
31 | - `netflow_profile` (String) Netflow Server Profile
32 |
33 |
34 | ### Nested Schema for `location`
35 |
36 | Optional:
37 |
38 | - `ngfw` (Attributes) Located in a specific NGFW device (see [below for nested schema](#nestedatt--location--ngfw))
39 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
40 | - `template_stack` (Attributes) Located in a specific template stack (see [below for nested schema](#nestedatt--location--template_stack))
41 |
42 |
43 | ### Nested Schema for `location.ngfw`
44 |
45 | Optional:
46 |
47 | - `ngfw_device` (String) The NGFW device
48 |
49 |
50 |
51 | ### Nested Schema for `location.template`
52 |
53 | Optional:
54 |
55 | - `name` (String) Specific Panorama template
56 | - `ngfw_device` (String) The NGFW device
57 | - `panorama_device` (String) Specific Panorama device
58 |
59 |
60 |
61 | ### Nested Schema for `location.template_stack`
62 |
63 | Optional:
64 |
65 | - `name` (String) Specific Panorama template stack
66 | - `ngfw_device` (String) The NGFW device
67 | - `panorama_device` (String) Specific Panorama device
68 |
69 |
70 |
71 |
72 | ### Nested Schema for `adjust_tcp_mss`
73 |
74 | Optional:
75 |
76 | - `enable` (Boolean) Set if TCP MSS value should be reduced based on mtu
77 | - `ipv4_mss_adjustment` (Number) IPv4 MSS adjustment size (in bytes)
78 | - `ipv6_mss_adjustment` (Number) IPv6 MSS adjustment size (in bytes)
79 |
80 |
81 |
82 | ### Nested Schema for `ip`
83 |
84 | Required:
85 |
86 | - `name` (String)
87 |
88 |
89 |
90 | ### Nested Schema for `ipv6`
91 |
92 | Optional:
93 |
94 | - `address` (Attributes List) (see [below for nested schema](#nestedatt--ipv6--address))
95 | - `enabled` (Boolean) Enable IPv6 on the interface
96 | - `interface_id` (String)
97 |
98 |
99 | ### Nested Schema for `ipv6.address`
100 |
101 | Required:
102 |
103 | - `name` (String)
104 |
105 | Optional:
106 |
107 | - `anycast` (Attributes) (see [below for nested schema](#nestedatt--ipv6--address--anycast))
108 | - `enable_on_interface` (Boolean) configure this address on interface
109 | - `prefix` (Attributes) (see [below for nested schema](#nestedatt--ipv6--address--prefix))
110 |
111 |
112 | ### Nested Schema for `ipv6.address.anycast`
113 |
114 |
115 |
116 | ### Nested Schema for `ipv6.address.prefix`
--------------------------------------------------------------------------------
/docs/resources/security_profile_group.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_security_profile_group Resource - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_security_profile_group (Resource)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `data_filtering` (List of String)
26 | - `disable_override` (String) disable object override in child device groups
27 | - `file_blocking` (List of String)
28 | - `gtp` (List of String)
29 | - `sctp` (List of String)
30 | - `spyware` (List of String)
31 | - `url_filtering` (List of String)
32 | - `virus` (List of String)
33 | - `vulnerability` (List of String)
34 | - `wildfire_analysis` (List of String)
35 |
36 |
37 | ### Nested Schema for `location`
38 |
39 | Optional:
40 |
41 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
42 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
43 |
44 |
45 | ### Nested Schema for `location.device_group`
46 |
47 | Optional:
48 |
49 | - `name` (String) Device Group name
50 | - `panorama_device` (String) Panorama device name
51 |
52 |
53 |
54 | ### Nested Schema for `location.shared`
--------------------------------------------------------------------------------
/docs/resources/service.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_service Resource - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_service (Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | resource "panos_service" "example" {
17 | location = {
18 | device_group = {
19 | name = panos_device_group.example.name
20 | }
21 | }
22 |
23 | name = "example-service"
24 | description = "example service"
25 |
26 | protocol = {
27 | tcp = {
28 | destination_port = "80"
29 | override = {
30 | timeout = 600
31 | halfclose_timeout = 300
32 | timewait_timeout = 60
33 | }
34 | }
35 | }
36 | }
37 |
38 | resource "panos_device_group" "example" {
39 | location = {
40 | panorama = {}
41 | }
42 |
43 | name = "example-device-group"
44 | }
45 | ```
46 |
47 |
48 | ## Schema
49 |
50 | ### Required
51 |
52 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
53 | - `name` (String)
54 |
55 | ### Optional
56 |
57 | - `description` (String)
58 | - `disable_override` (String) disable object override in child device groups
59 | - `protocol` (Attributes) (see [below for nested schema](#nestedatt--protocol))
60 | - `tags` (List of String)
61 |
62 |
63 | ### Nested Schema for `location`
64 |
65 | Optional:
66 |
67 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
68 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
69 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
70 |
71 |
72 | ### Nested Schema for `location.device_group`
73 |
74 | Optional:
75 |
76 | - `name` (String) Device Group name
77 | - `panorama_device` (String) Panorama device name
78 |
79 |
80 |
81 | ### Nested Schema for `location.shared`
82 |
83 |
84 |
85 | ### Nested Schema for `location.vsys`
86 |
87 | Optional:
88 |
89 | - `name` (String) The Virtual System name
90 | - `ngfw_device` (String) The NGFW device name
91 |
92 |
93 |
94 |
95 | ### Nested Schema for `protocol`
96 |
97 | Optional:
98 |
99 | - `tcp` (Attributes) (see [below for nested schema](#nestedatt--protocol--tcp))
100 | - `udp` (Attributes) (see [below for nested schema](#nestedatt--protocol--udp))
101 |
102 |
103 | ### Nested Schema for `protocol.tcp`
104 |
105 | Optional:
106 |
107 | - `destination_port` (String)
108 | - `override` (Attributes) (see [below for nested schema](#nestedatt--protocol--tcp--override))
109 | - `source_port` (String)
110 |
111 |
112 | ### Nested Schema for `protocol.tcp.override`
113 |
114 | Optional:
115 |
116 | - `halfclose_timeout` (Number) tcp session half-close timeout value (in second)
117 | - `timeout` (Number) tcp session timeout value (in second)
118 | - `timewait_timeout` (Number) tcp session time-wait timeout value (in second)
119 |
120 |
121 |
122 |
123 | ### Nested Schema for `protocol.udp`
124 |
125 | Optional:
126 |
127 | - `destination_port` (String)
128 | - `override` (Attributes) (see [below for nested schema](#nestedatt--protocol--udp--override))
129 | - `source_port` (String)
130 |
131 |
132 | ### Nested Schema for `protocol.udp.override`
133 |
134 | Optional:
135 |
136 | - `timeout` (Number) udp session timeout value (in second)
--------------------------------------------------------------------------------
/docs/resources/service_group.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_service_group Resource - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_service_group (Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | resource "panos_service" "example" {
17 | location = {
18 | device_group = {
19 | name = panos_device_group.example.name
20 | }
21 | }
22 |
23 | name = "example-service"
24 | description = "example service"
25 |
26 | protocol = {
27 | tcp = {
28 | destination_port = "80"
29 | }
30 | }
31 |
32 | }
33 |
34 | resource "panos_service_group" "example" {
35 |
36 | location = {
37 | device_group = {
38 | name = panos_device_group.example.name
39 | }
40 | }
41 |
42 | name = "example-service-group"
43 | # description = "example service group"
44 |
45 | members = [
46 | panos_service.example.name
47 | ]
48 | }
49 |
50 | resource "panos_device_group" "example" {
51 | location = {
52 | panorama = {}
53 | }
54 |
55 | name = "example-device-group"
56 | }
57 | ```
58 |
59 |
60 | ## Schema
61 |
62 | ### Required
63 |
64 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
65 | - `name` (String)
66 |
67 | ### Optional
68 |
69 | - `disable_override` (String) disable object override in child device groups
70 | - `members` (List of String)
71 | - `tags` (List of String)
72 |
73 |
74 | ### Nested Schema for `location`
75 |
76 | Optional:
77 |
78 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
79 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
80 | - `vsys` (Attributes) Located in a specific Virtual System (see [below for nested schema](#nestedatt--location--vsys))
81 |
82 |
83 | ### Nested Schema for `location.device_group`
84 |
85 | Optional:
86 |
87 | - `name` (String) Device Group name
88 | - `panorama_device` (String) Panorama device name
89 |
90 |
91 |
92 | ### Nested Schema for `location.shared`
93 |
94 |
95 |
96 | ### Nested Schema for `location.vsys`
97 |
98 | Optional:
99 |
100 | - `name` (String) The Virtual System name
101 | - `ngfw_device` (String) The NGFW device name
--------------------------------------------------------------------------------
/docs/resources/ssl_decrypt.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_ssl_decrypt Resource - panos"
4 | subcategory: Device
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_ssl_decrypt (Resource)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 |
22 | ### Optional
23 |
24 | - `disabled_ssl_exclude_cert_from_predefined` (List of String) List of disabled predefined exclude certificates.
25 | - `forward_trust_certificate_ecdsa` (String) Forward trust ECDSA certificate.
26 | - `forward_trust_certificate_rsa` (String) Forward trust RSA certificate.
27 | - `forward_untrust_certificate_ecdsa` (String) Forward untrust ECDSA certificate.
28 | - `forward_untrust_certificate_rsa` (String) Forward untrust RSA certificate.
29 | - `root_ca_exclude_list` (List of String) List of root CA excludes.
30 | - `ssl_exclude_cert` (Attributes List) List of SSL decrypt exclude certificates specs (specified below). (see [below for nested schema](#nestedatt--ssl_exclude_cert))
31 | - `trusted_root_ca` (List of String) List of trusted root CAs.
32 |
33 |
34 | ### Nested Schema for `location`
35 |
36 | Optional:
37 |
38 | - `panorama` (Attributes) Located in a panorama. (see [below for nested schema](#nestedatt--location--panorama))
39 | - `shared` (Attributes) Located in shared. (see [below for nested schema](#nestedatt--location--shared))
40 | - `template` (Attributes) Located in a specific template. (see [below for nested schema](#nestedatt--location--template))
41 | - `template_stack` (Attributes) Located in a specific template stack. (see [below for nested schema](#nestedatt--location--template_stack))
42 | - `template_stack_vsys` (Attributes) Located in a specific template stack, device and vsys. (see [below for nested schema](#nestedatt--location--template_stack_vsys))
43 | - `template_vsys` (Attributes) Located in a specific template, device and vsys. (see [below for nested schema](#nestedatt--location--template_vsys))
44 |
45 |
46 | ### Nested Schema for `location.panorama`
47 |
48 |
49 |
50 | ### Nested Schema for `location.shared`
51 |
52 |
53 |
54 | ### Nested Schema for `location.template`
55 |
56 | Optional:
57 |
58 | - `name` (String) The template.
59 | - `panorama_device` (String) The panorama device.
60 |
61 |
62 |
63 | ### Nested Schema for `location.template_stack`
64 |
65 | Optional:
66 |
67 | - `name` (String) The template stack.
68 | - `panorama_device` (String) The panorama device.
69 |
70 |
71 |
72 | ### Nested Schema for `location.template_stack_vsys`
73 |
74 | Optional:
75 |
76 | - `ngfw_device` (String) The NGFW device.
77 | - `panorama_device` (String) The panorama device.
78 | - `template_stack` (String) The template stack.
79 | - `vsys` (String) The vsys.
80 |
81 |
82 |
83 | ### Nested Schema for `location.template_vsys`
84 |
85 | Optional:
86 |
87 | - `ngfw_device` (String) The NGFW device.
88 | - `panorama_device` (String) The panorama device.
89 | - `template` (String) The template.
90 | - `vsys` (String) The vsys.
91 |
92 |
93 |
94 |
95 | ### Nested Schema for `ssl_exclude_cert`
96 |
97 | Required:
98 |
99 | - `name` (String)
100 |
101 | Optional:
102 |
103 | - `description` (String) The description.
104 | - `exclude` (Boolean) Exclude or not.
--------------------------------------------------------------------------------
/docs/resources/ssl_tls_service_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_ssl_tls_service_profile Resource - panos"
4 | subcategory: Device
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_ssl_tls_service_profile (Resource)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `certificate` (String) SSL certificate file name
21 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
22 | - `name` (String)
23 |
24 | ### Optional
25 |
26 | - `protocol_settings` (Attributes) (see [below for nested schema](#nestedatt--protocol_settings))
27 |
28 |
29 | ### Nested Schema for `location`
30 |
31 | Optional:
32 |
33 | - `panorama` (Attributes) Located in a panorama. (see [below for nested schema](#nestedatt--location--panorama))
34 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
35 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
36 | - `template_stack` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template_stack))
37 | - `template_stack_vsys` (Attributes) Located in a specific template, device and vsys. (see [below for nested schema](#nestedatt--location--template_stack_vsys))
38 | - `template_vsys` (Attributes) Located in a specific template, device and vsys. (see [below for nested schema](#nestedatt--location--template_vsys))
39 |
40 |
41 | ### Nested Schema for `location.panorama`
42 |
43 |
44 |
45 | ### Nested Schema for `location.shared`
46 |
47 |
48 |
49 | ### Nested Schema for `location.template`
50 |
51 | Optional:
52 |
53 | - `name` (String) Specific Panorama template
54 | - `panorama_device` (String) Specific Panorama device
55 |
56 |
57 |
58 | ### Nested Schema for `location.template_stack`
59 |
60 | Optional:
61 |
62 | - `name` (String) The template stack
63 | - `panorama_device` (String) Specific Panorama device
64 |
65 |
66 |
67 | ### Nested Schema for `location.template_stack_vsys`
68 |
69 | Optional:
70 |
71 | - `ngfw_device` (String) The NGFW device
72 | - `panorama_device` (String) Specific Panorama device
73 | - `template_stack` (String) The template stack
74 | - `vsys` (String) The vsys.
75 |
76 |
77 |
78 | ### Nested Schema for `location.template_vsys`
79 |
80 | Optional:
81 |
82 | - `ngfw_device` (String) The NGFW device
83 | - `panorama_device` (String) Specific Panorama device
84 | - `template` (String) Specific Panorama template
85 | - `vsys` (String) The vsys.
86 |
87 |
88 |
89 |
90 | ### Nested Schema for `protocol_settings`
91 |
92 | Optional:
93 |
94 | - `allow_algorithm_3des` (Boolean) Allow algorithm 3DES
95 | - `allow_algorithm_aes_128_cbc` (Boolean) Allow algorithm AES-128-CBC
96 | - `allow_algorithm_aes_128_gcm` (Boolean) Allow algorithm AES-128-GCM
97 | - `allow_algorithm_aes_256_cbc` (Boolean) Allow algorithm AES-256-CBC
98 | - `allow_algorithm_aes_256_gcm` (Boolean) Allow algorithm AES-256-GCM
99 | - `allow_algorithm_dhe` (Boolean) Allow algorithm DHE
100 | - `allow_algorithm_ecdhe` (Boolean) Allow algorithm ECDHE
101 | - `allow_algorithm_rc4` (Boolean) Allow algorithm RC4
102 | - `allow_algorithm_rsa` (Boolean) Allow algorithm RSA
103 | - `allow_authentication_sha1` (Boolean) Allow authentication SHA1
104 | - `allow_authentication_sha256` (Boolean) Allow authentication SHA256
105 | - `allow_authentication_sha384` (Boolean) Allow authentication SHA384
106 | - `max_version` (String) Maximum TLS protocol version. Valid values are 'tls1-0', 'tls1-1', 'tls1-2', and max (default).
107 | - `min_version` (String)
--------------------------------------------------------------------------------
/docs/resources/template.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_template Resource - panos"
4 | subcategory: Panorama
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_template (Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | resource "panos_template" "example" {
17 |
18 | location = {
19 | panorama = {}
20 | }
21 | name = "template-example"
22 | description = "example template stack"
23 |
24 | }
25 | ```
26 |
27 |
28 | ## Schema
29 |
30 | ### Required
31 |
32 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
33 | - `name` (String) The name of the service.
34 |
35 | ### Optional
36 |
37 | - `description` (String) The description.
38 |
39 |
40 | ### Nested Schema for `location`
41 |
42 | Optional:
43 |
44 | - `panorama` (Attributes) Located in a specific Panorama. (see [below for nested schema](#nestedatt--location--panorama))
45 |
46 |
47 | ### Nested Schema for `location.panorama`
48 |
49 | Optional:
50 |
51 | - `panorama_device` (String) The Panorama device.
--------------------------------------------------------------------------------
/docs/resources/template_stack.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_template_stack Resource - panos"
4 | subcategory: Panorama
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_template_stack (Resource)
10 |
11 |
12 |
13 | ## Example Usage
14 |
15 | ```terraform
16 | resource "panos_template_stack" "example" {
17 |
18 | location = {
19 | panorama = {}
20 | }
21 | name = "tempalte-stack-example"
22 | description = "example template stack"
23 |
24 | templates = [
25 | panos_template.example.name
26 | ]
27 |
28 | }
29 |
30 | resource "panos_template" "example" {
31 |
32 | location = {
33 | panorama = {}
34 | }
35 | name = "template-example"
36 | description = "example template stack"
37 |
38 | }
39 | ```
40 |
41 |
42 | ## Schema
43 |
44 | ### Required
45 |
46 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
47 | - `name` (String) The name of the service.
48 |
49 | ### Optional
50 |
51 | - `default_vsys` (String) Default virtual system
52 | - `description` (String) The description.
53 | - `devices` (List of String) List of devices
54 | - `templates` (List of String) List of templates
55 | - `user_group_source` (Attributes) (see [below for nested schema](#nestedatt--user_group_source))
56 |
57 |
58 | ### Nested Schema for `location`
59 |
60 | Optional:
61 |
62 | - `panorama` (Attributes) Located in a specific Panorama. (see [below for nested schema](#nestedatt--location--panorama))
63 |
64 |
65 | ### Nested Schema for `location.panorama`
66 |
67 | Optional:
68 |
69 | - `panorama_device` (String) The Panorama device.
70 |
71 |
72 |
73 |
74 | ### Nested Schema for `user_group_source`
75 |
76 | Optional:
77 |
78 | - `master_device` (String)
--------------------------------------------------------------------------------
/docs/resources/template_variable.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_template_variable Resource - panos"
4 | subcategory: Panorama
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_template_variable (Resource)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String) The name of the service.
22 |
23 | ### Optional
24 |
25 | - `description` (String)
26 | - `type` (Attributes) (see [below for nested schema](#nestedatt--type))
27 |
28 |
29 | ### Nested Schema for `location`
30 |
31 | Optional:
32 |
33 | - `template` (Attributes) Located in a specific template. (see [below for nested schema](#nestedatt--location--template))
34 |
35 |
36 | ### Nested Schema for `location.template`
37 |
38 | Optional:
39 |
40 | - `name` (String) The template.
41 | - `panorama_device` (String) The panorama device.
42 |
43 |
44 |
45 |
46 | ### Nested Schema for `type`
47 |
48 | Optional:
49 |
50 | - `as_number` (String)
51 | - `device_id` (String)
52 | - `device_priority` (String)
53 | - `egress_max` (String)
54 | - `fqdn` (String)
55 | - `group_id` (String)
56 | - `interface` (String)
57 | - `ip_netmask` (String)
58 | - `ip_range` (String)
59 | - `link_tag` (String)
60 | - `qos_profile` (String)
--------------------------------------------------------------------------------
/docs/resources/tunnel_interface.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_tunnel_interface Resource - panos"
4 | subcategory: Network
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_tunnel_interface (Resource)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `bonjour` (Attributes) (see [below for nested schema](#nestedatt--bonjour))
26 | - `comment` (String)
27 | - `df_ignore` (Boolean)
28 | - `interface_management_profile` (String) Interface management profile
29 | - `ip` (Attributes List) (see [below for nested schema](#nestedatt--ip))
30 | - `ipv6` (Attributes) (see [below for nested schema](#nestedatt--ipv6))
31 | - `link_tag` (String)
32 | - `mtu` (Number) Maximum Transfer Unit, up to 9216 in Jumbo-Frame mode, up to 1500 otherwise
33 | - `netflow_profile` (String) Netflow Server Profile
34 |
35 |
36 | ### Nested Schema for `location`
37 |
38 | Optional:
39 |
40 | - `ngfw` (Attributes) Located in a specific NGFW device (see [below for nested schema](#nestedatt--location--ngfw))
41 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
42 | - `template` (Attributes) Located in a specific template (see [below for nested schema](#nestedatt--location--template))
43 | - `template_stack` (Attributes) Located in a specific template stack (see [below for nested schema](#nestedatt--location--template_stack))
44 |
45 |
46 | ### Nested Schema for `location.ngfw`
47 |
48 | Optional:
49 |
50 | - `ngfw_device` (String) The NGFW device
51 |
52 |
53 |
54 | ### Nested Schema for `location.shared`
55 |
56 |
57 |
58 | ### Nested Schema for `location.template`
59 |
60 | Optional:
61 |
62 | - `name` (String) Specific Panorama template
63 | - `ngfw_device` (String) The NGFW device
64 | - `panorama_device` (String) Specific Panorama device
65 | - `vsys` (String)
66 |
67 |
68 |
69 | ### Nested Schema for `location.template_stack`
70 |
71 | Optional:
72 |
73 | - `name` (String) Specific Panorama template stack
74 | - `ngfw_device` (String) The NGFW device
75 | - `panorama_device` (String) Specific Panorama device
76 |
77 |
78 |
79 |
80 | ### Nested Schema for `bonjour`
81 |
82 | Optional:
83 |
84 | - `enable` (Boolean) Set to support Bonjour service
85 | - `group_id` (Number) default 0: NO-Group
86 | - `ttl_check` (Boolean) Set to check and update TTL
87 |
88 |
89 |
90 | ### Nested Schema for `ip`
91 |
92 | Required:
93 |
94 | - `name` (String)
95 |
96 |
97 |
98 | ### Nested Schema for `ipv6`
99 |
100 | Optional:
101 |
102 | - `address` (Attributes List) (see [below for nested schema](#nestedatt--ipv6--address))
103 | - `enabled` (Boolean) Enable IPv6 on the interface
104 | - `interface_id` (String)
105 |
106 |
107 | ### Nested Schema for `ipv6.address`
108 |
109 | Required:
110 |
111 | - `name` (String)
112 |
113 | Optional:
114 |
115 | - `anycast` (Attributes) (see [below for nested schema](#nestedatt--ipv6--address--anycast))
116 | - `enable_on_interface` (Boolean) configure this address on interface
117 | - `prefix` (Attributes) (see [below for nested schema](#nestedatt--ipv6--address--prefix))
118 |
119 |
120 | ### Nested Schema for `ipv6.address.anycast`
121 |
122 |
123 |
124 | ### Nested Schema for `ipv6.address.prefix`
--------------------------------------------------------------------------------
/docs/resources/wildfire_analysis_security_profile.md:
--------------------------------------------------------------------------------
1 | ---
2 | # generated by https://github.com/hashicorp/terraform-plugin-docs
3 | page_title: "panos_wildfire_analysis_security_profile Resource - panos"
4 | subcategory: Objects
5 | description: |-
6 |
7 | ---
8 |
9 | # panos_wildfire_analysis_security_profile (Resource)
10 |
11 |
12 |
13 |
14 |
15 |
16 | ## Schema
17 |
18 | ### Required
19 |
20 | - `location` (Attributes) The location of this object. (see [below for nested schema](#nestedatt--location))
21 | - `name` (String)
22 |
23 | ### Optional
24 |
25 | - `description` (String)
26 | - `disable_override` (String) disable object override in child device groups
27 | - `rules` (Attributes List) (see [below for nested schema](#nestedatt--rules))
28 |
29 |
30 | ### Nested Schema for `location`
31 |
32 | Optional:
33 |
34 | - `device_group` (Attributes) Located in a specific Device Group (see [below for nested schema](#nestedatt--location--device_group))
35 | - `shared` (Attributes) Panorama shared object (see [below for nested schema](#nestedatt--location--shared))
36 |
37 |
38 | ### Nested Schema for `location.device_group`
39 |
40 | Optional:
41 |
42 | - `name` (String) Device Group name
43 | - `panorama_device` (String) Panorama device name
44 |
45 |
46 |
47 | ### Nested Schema for `location.shared`
48 |
49 |
50 |
51 |
52 | ### Nested Schema for `rules`
53 |
54 | Required:
55 |
56 | - `name` (String)
57 |
58 | Optional:
59 |
60 | - `analysis` (String)
61 | - `application` (List of String)
62 | - `direction` (String)
63 | - `file_type` (List of String)
--------------------------------------------------------------------------------
/examples/resources/panos_address/import.sh:
--------------------------------------------------------------------------------
1 | # An address can be imported by providing the following base64 encoded object as the ID
2 | # {
3 | # location = {
4 | # device_group = {
5 | # name = "example-device-group"
6 | # panorama_device = "localhost.localdomain"
7 | # }
8 | # }
9 | #
10 | # name = "addr1"
11 | # }
12 | terraform import panos_address.example $(echo '{"location":{"device_group":{"name":"example-device-group","panorama_device":"localhost.localdomain"}},"name":"addr1"}' | base64)
13 |
--------------------------------------------------------------------------------
/examples/resources/panos_address_group/import.sh:
--------------------------------------------------------------------------------
1 | # An address group can be imported by providing the following base64 encoded object as the ID
2 | # {
3 | # location = {
4 | # device_group = {
5 | # name = "example-device-group"
6 | # panorama_device = "localhost.localdomain"
7 | # }
8 | # }
9 | #
10 | # name = "example-address-group"
11 | # }
12 | terraform import panos_address_group.example $(echo '{"location":{"device_group":{"name":"example-device-group","panorama_device":"localhost.localdomain"}},"name":"example-address-group"}' | base64)
13 |
--------------------------------------------------------------------------------
/examples/resources/panos_addresses/import.sh:
--------------------------------------------------------------------------------
1 | # Addresses can be imported by providing the following base64 encoded object as the ID
2 | # {
3 | # location = {
4 | # device_group = {
5 | # name = "example-device-group"
6 | # panorama_device = "localhost.localdomain"
7 | # }
8 | # }
9 | #
10 | # names = [
11 | # "foo",
12 | # "bar"
13 | # ]
14 | # }
15 | terraform import panos_addresses.example $(echo '{"location":{"device_group":{"name":"example-device-group","panorama_device":"localhost.localdomain"}},"names":["foo","bar"]}' | base64)
--------------------------------------------------------------------------------
/examples/resources/panos_security_policy/import.sh:
--------------------------------------------------------------------------------
1 | # The entire policy can be imported by providing the following base64 encoded object as the ID
2 | # {
3 | # location = {
4 | # device_group = {
5 | # name = "example-device-group"
6 | # rulebase = "pre-rulebase"
7 | # panorama_device = "localhost.localdomain"
8 | # }
9 | # }
10 | #
11 | #
12 | # names = [
13 | # "rule-1", <- the first rule in the policy
14 | # ]
15 | # }
16 | terraform import panos_security_policy.example $(echo '{"location":{"device_group":{"name":"example-device-group","panorama_device":"localhost.localdomain","rulebase":"pre-rulebase"}},"names":["rule-1"]}' | base64)
17 |
--------------------------------------------------------------------------------
/examples/resources/panos_security_policy_rules/import.sh:
--------------------------------------------------------------------------------
1 | # A set of rules can be imported by providing the following base64 encoded object as the ID
2 | # {
3 | # location = {
4 | # device_group = {
5 | # name = "example-device-group"
6 | # rulebase = "pre-rulebase"
7 | # panorama_device = "localhost.localdomain"
8 | # }
9 | # }
10 | #
11 | # position = { where = "after", directly = true, pivot = "rule-2" }
12 | #
13 | # names = [
14 | # "rule-8",
15 | # "rule-9"
16 | # ]
17 | # }
18 | terraform import panos_security_policy_rules.example $(echo '{"location":{"device_group":{"name":"example-device-group","panorama_device":"localhost.localdomain","rulebase":"pre-rulebase"}},"names":["rule-8","rule-9"],"position":{"directly":true,"pivot":"rule-2","where":"after"}}' | base64)
19 |
--------------------------------------------------------------------------------
/internal/manager/config.go:
--------------------------------------------------------------------------------
1 | package manager
2 |
3 | import (
4 | "context"
5 |
6 | "github.com/hashicorp/terraform-plugin-framework/diag"
7 | "github.com/hashicorp/terraform-plugin-framework/types"
8 |
9 | sdkerrors "github.com/PaloAltoNetworks/pango/errors"
10 | "github.com/PaloAltoNetworks/pango/util"
11 | "github.com/PaloAltoNetworks/pango/version"
12 | )
13 |
14 | type TFConfigObject[E any] interface {
15 | CopyToPango(context.Context, *map[string]types.String) (E, diag.Diagnostics)
16 | CopyFromPango(context.Context, E, *map[string]types.String) diag.Diagnostics
17 | }
18 |
19 | type SDKConfigService[C any, L ConfigLocation] interface {
20 | Create(context.Context, L, C) (C, error)
21 | Update(context.Context, L, C) (C, error)
22 | Read(context.Context, L, string) (C, error)
23 | Delete(context.Context, L, C) error
24 | }
25 |
26 | type ConfigLocation interface {
27 | Xpath(version.Number) ([]string, error)
28 | }
29 |
30 | type ConfigObjectManager[C any, L ConfigLocation, S SDKConfigService[C, L]] struct {
31 | service S
32 | client util.PangoClient
33 | specifier func(C) (any, error)
34 | }
35 |
36 | func NewConfigObjectManager[C any, L ConfigLocation, S SDKConfigService[C, L]](client util.PangoClient, service S, specifier func(C) (any, error)) *ConfigObjectManager[C, L, S] {
37 | return &ConfigObjectManager[C, L, S]{
38 | service: service,
39 | client: client,
40 | specifier: specifier,
41 | }
42 | }
43 |
44 | func (o *ConfigObjectManager[C, L, S]) Create(ctx context.Context, location L, config C) (C, error) {
45 | return o.service.Create(ctx, location, config)
46 | }
47 |
48 | func (o *ConfigObjectManager[C, L, S]) Update(ctx context.Context, location L, config C) (C, error) {
49 | return o.service.Update(ctx, location, config)
50 | }
51 |
52 | func (o *ConfigObjectManager[C, L, S]) Read(ctx context.Context, location L) (C, error) {
53 | obj, err := o.service.Read(ctx, location, "get")
54 | if err != nil && sdkerrors.IsObjectNotFound(err) {
55 | return obj, ErrObjectNotFound
56 | }
57 |
58 | return obj, err
59 | }
60 |
61 | func (o *ConfigObjectManager[C, L, S]) Delete(ctx context.Context, location L, config C) error {
62 | return o.service.Delete(ctx, location, config)
63 | }
64 |
--------------------------------------------------------------------------------
/internal/manager/entry_import.go:
--------------------------------------------------------------------------------
1 | package manager
2 |
3 | import (
4 | "context"
5 |
6 | sdkerrors "github.com/PaloAltoNetworks/pango/errors"
7 | )
8 |
9 | type SDKImportableEntryService[E EntryObject, L EntryLocation, IL ImportLocation] interface {
10 | Create(context.Context, L, []IL, E) (E, error)
11 | Read(context.Context, L, string, string) (E, error)
12 | List(context.Context, L, string, string, string) ([]E, error)
13 | Update(context.Context, L, E, string) (E, error)
14 | Delete(context.Context, L, []IL, ...string) error
15 | }
16 |
17 | type ImportableEntryObjectManager[E EntryObject, L EntryLocation, IL ImportLocation, IS SDKImportableEntryService[E, L, IL]] struct {
18 | service IS
19 | client SDKClient
20 | specifier func(E) (any, error)
21 | matcher func(E, E) bool
22 | }
23 |
24 | func NewImportableEntryObjectManager[E EntryObject, L EntryLocation, IL ImportLocation, IS SDKImportableEntryService[E, L, IL]](client SDKClient, service IS, specifier func(E) (any, error), matcher func(E, E) bool) *ImportableEntryObjectManager[E, L, IL, IS] {
25 | return &ImportableEntryObjectManager[E, L, IL, IS]{
26 | service: service,
27 | client: client,
28 | specifier: specifier,
29 | matcher: matcher,
30 | }
31 | }
32 |
33 | func (o *ImportableEntryObjectManager[E, L, IL, IS]) ReadMany(ctx context.Context, location L, entries []E) ([]E, error) {
34 | return nil, &Error{err: ErrInternal, message: "called ReadMany on an importable singular resource"}
35 | }
36 |
37 | func (o *ImportableEntryObjectManager[E, L, IL, IS]) Read(ctx context.Context, location L, name string) (E, error) {
38 | object, err := o.service.Read(ctx, location, name, "get")
39 | if err != nil {
40 | return *new(E), ErrObjectNotFound
41 | }
42 |
43 | return object, nil
44 | }
45 |
46 | func (o *ImportableEntryObjectManager[E, L, IL, IS]) Create(ctx context.Context, location L, importLocs []IL, entry E) (E, error) {
47 | existing, err := o.service.List(ctx, location, "get", "", "")
48 | if err != nil && !sdkerrors.IsObjectNotFound(err) {
49 | return *new(E), err
50 | }
51 |
52 | for _, elt := range existing {
53 | if elt.EntryName() == entry.EntryName() {
54 | return *new(E), ErrConflict
55 | }
56 | }
57 |
58 | obj, err := o.service.Create(ctx, location, importLocs, entry)
59 | return obj, err
60 | }
61 |
62 | func (o *ImportableEntryObjectManager[E, L, IL, IS]) Update(ctx context.Context, location L, entry E, name string) (E, error) {
63 | updated, err := o.service.Update(ctx, location, entry, name)
64 | if err != nil {
65 | return *new(E), &Error{err: err, message: "error during Update call"}
66 | }
67 |
68 | return updated, nil
69 | }
70 |
71 | func (o *ImportableEntryObjectManager[E, L, IL, IS]) Delete(ctx context.Context, location L, importLocations []IL, names []string, exhaustive ExhaustiveType) error {
72 | err := o.service.Delete(ctx, location, importLocations, names...)
73 | if err != nil {
74 | return &Error{err: err, message: "sdk error while deleting"}
75 | }
76 | return nil
77 | }
78 |
--------------------------------------------------------------------------------
/internal/manager/manager.go:
--------------------------------------------------------------------------------
1 | package manager
2 |
3 | import (
4 | "context"
5 | "errors"
6 | "fmt"
7 | "net/http"
8 | "net/url"
9 |
10 | "github.com/PaloAltoNetworks/pango/util"
11 | "github.com/PaloAltoNetworks/pango/version"
12 | "github.com/PaloAltoNetworks/pango/xmlapi"
13 | )
14 |
15 | type Error struct {
16 | message string
17 | err error
18 | }
19 |
20 | func (o *Error) Error() string {
21 | if o.err != nil {
22 | return fmt.Sprintf("%s: %s", o.message, o.err)
23 | }
24 |
25 | return o.message
26 | }
27 |
28 | func (o *Error) Unwrap() error {
29 | return o.err
30 | }
31 |
32 | var (
33 | ErrPlanConflict = errors.New("multiple plan entries with shared name")
34 | ErrConflict = errors.New("entry from the plan already exists on the server")
35 | ErrMissingUuid = errors.New("entry is missing required uuid")
36 | ErrMarshaling = errors.New("failed to marshal entry to XML document")
37 | ErrInvalidPosition = errors.New("position is not valid")
38 | ErrMissingPivotPoint = errors.New("provided pivot entry does not exist")
39 | ErrInternal = errors.New("internal provider error")
40 | ErrObjectNotFound = errors.New("Object not found")
41 | )
42 |
43 | type entryState string
44 |
45 | const (
46 | entryUnknown entryState = "unknown"
47 | entryMissing entryState = "missing"
48 | entryOutdated entryState = "outdated"
49 | entryRenamed entryState = "renamed"
50 | entryDeleted entryState = "deleted"
51 | entryOk entryState = "ok"
52 | )
53 |
54 | type SDKClient interface {
55 | Versioning() version.Number
56 | GetTarget() string
57 | ChunkedMultiConfig(context.Context, *xmlapi.MultiConfig, bool, url.Values) ([]xmlapi.ChunkedMultiConfigResponse, error)
58 | MultiConfig(context.Context, *xmlapi.MultiConfig, bool, url.Values) ([]byte, *http.Response, *xmlapi.MultiConfigResponse, error)
59 | }
60 |
61 | type ImportLocation interface {
62 | XpathForLocation(version.Number, util.ILocation) ([]string, error)
63 | MarshalPangoXML([]string) (string, error)
64 | UnmarshalPangoXML([]byte) ([]string, error)
65 | }
66 |
--------------------------------------------------------------------------------
/internal/manager/sdk_manager_suite_test.go:
--------------------------------------------------------------------------------
1 | package manager_test
2 |
3 | import (
4 | "log/slog"
5 | "testing"
6 |
7 | . "github.com/onsi/ginkgo/v2"
8 | . "github.com/onsi/gomega"
9 | )
10 |
11 | func TestSdkManager(t *testing.T) {
12 | handler := slog.NewTextHandler(GinkgoWriter, &slog.HandlerOptions{
13 | Level: slog.LevelDebug,
14 | })
15 | slog.SetDefault(slog.New(handler))
16 | RegisterFailHandler(Fail)
17 | RunSpecs(t, "SdkManager Suite")
18 | }
19 |
--------------------------------------------------------------------------------
/internal/provider/api_key.go:
--------------------------------------------------------------------------------
1 | package provider
2 |
3 | // Note: This file is automatically generated. Manually made changes
4 | // will be overwritten when the provider is generated.
5 |
6 | import (
7 | "context"
8 | "fmt"
9 |
10 | "github.com/PaloAltoNetworks/pango"
11 |
12 | "github.com/hashicorp/terraform-plugin-framework/attr"
13 | ephschema "github.com/hashicorp/terraform-plugin-framework/ephemeral/schema"
14 | "github.com/hashicorp/terraform-plugin-framework/resource"
15 | "github.com/hashicorp/terraform-plugin-framework/types"
16 | )
17 |
18 | import (
19 | "github.com/hashicorp/terraform-plugin-framework/ephemeral"
20 | )
21 |
22 | // Generate Terraform Ephemeral object
23 | var (
24 | _ ephemeral.EphemeralResource = &ApiKeyResource{}
25 | _ ephemeral.EphemeralResourceWithConfigure = &ApiKeyResource{}
26 | )
27 |
28 | func NewApiKeyResource() ephemeral.EphemeralResource {
29 | return &ApiKeyResource{}
30 | }
31 |
32 | type ApiKeyResource struct {
33 | client *pango.Client
34 | }
35 |
36 | type ApiKeyResourceModel struct {
37 | Username types.String `tfsdk:"username"`
38 | Password types.String `tfsdk:"password"`
39 | ApiKey types.String `tfsdk:"api_key"`
40 | }
41 |
42 | func (r *ApiKeyResource) ValidateConfig(ctx context.Context, req resource.ValidateConfigRequest, resp *resource.ValidateConfigResponse) {
43 | }
44 |
45 | //
46 |
47 | func ApiKeyResourceSchema() ephschema.Schema {
48 | return ephschema.Schema{
49 | Attributes: map[string]ephschema.Attribute{
50 |
51 | "username": ephschema.StringAttribute{
52 | Description: "",
53 | Computed: false,
54 | Required: true,
55 | Optional: false,
56 | Sensitive: false,
57 | },
58 |
59 | "password": ephschema.StringAttribute{
60 | Description: "",
61 | Computed: false,
62 | Required: true,
63 | Optional: false,
64 | Sensitive: true,
65 | },
66 |
67 | "api_key": ephschema.StringAttribute{
68 | Description: "",
69 | Computed: true,
70 | Required: false,
71 | Optional: true,
72 | Sensitive: true,
73 | },
74 | },
75 | }
76 | }
77 |
78 | func (o *ApiKeyResourceModel) getTypeFor(name string) attr.Type {
79 | schema := ApiKeyResourceSchema()
80 | if attr, ok := schema.Attributes[name]; !ok {
81 | panic(fmt.Sprintf("could not resolve schema for attribute %s", name))
82 | } else {
83 | switch attr := attr.(type) {
84 | case ephschema.ListNestedAttribute:
85 | return attr.NestedObject.Type()
86 | case ephschema.MapNestedAttribute:
87 | return attr.NestedObject.Type()
88 | default:
89 | return attr.GetType()
90 | }
91 | }
92 |
93 | panic("unreachable")
94 | }
95 |
96 | func (r *ApiKeyResource) Metadata(ctx context.Context, req ephemeral.MetadataRequest, resp *ephemeral.MetadataResponse) {
97 | resp.TypeName = req.ProviderTypeName + "_api_key"
98 | }
99 |
100 | func (r *ApiKeyResource) Schema(_ context.Context, _ ephemeral.SchemaRequest, resp *ephemeral.SchemaResponse) {
101 | resp.Schema = ApiKeyResourceSchema()
102 | }
103 |
104 | //
105 |
106 | func (r *ApiKeyResource) Configure(ctx context.Context, req ephemeral.ConfigureRequest, resp *ephemeral.ConfigureResponse) {
107 | // Prevent panic if the provider has not been configured.
108 | if req.ProviderData == nil {
109 | return
110 | }
111 |
112 | providerData := req.ProviderData.(*ProviderData)
113 | r.client = providerData.Client
114 | }
115 |
116 | func (r *ApiKeyResource) Open(ctx context.Context, req ephemeral.OpenRequest, resp *ephemeral.OpenResponse) {
117 |
118 | var data ApiKeyResourceModel
119 | resp.Diagnostics.Append(req.Config.Get(ctx, &data)...)
120 | if resp.Diagnostics.HasError() {
121 | return
122 | }
123 |
124 | username := data.Username.ValueString()
125 | password := data.Password.ValueString()
126 |
127 | apiKey, err := r.client.GenerateApiKey(ctx, username, password)
128 | if err != nil {
129 | resp.Diagnostics.AddError("failed to generate API key", err.Error())
130 | return
131 | }
132 |
133 | data.ApiKey = types.StringValue(apiKey)
134 | resp.Diagnostics.Append(resp.Result.Set(ctx, &data)...)
135 |
136 | }
137 |
138 | func (r *ApiKeyResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) {
139 |
140 | }
141 |
--------------------------------------------------------------------------------
/internal/provider/errors.go:
--------------------------------------------------------------------------------
1 | package provider
2 |
3 | import (
4 | "fmt"
5 | "strings"
6 |
7 | "github.com/hashicorp/terraform-plugin-framework/diag"
8 | )
9 |
10 | var InspectionModeError = "Resources are unavailable when the provider is in inspection mode. Resources are only available in API mode."
11 |
12 | type DiagnosticsError struct {
13 | message string
14 | diagnostics diag.Diagnostics
15 | }
16 |
17 | func NewDiagnosticsError(message string, diags diag.Diagnostics) *DiagnosticsError {
18 | return &DiagnosticsError{
19 | diagnostics: diags.Errors(),
20 | }
21 | }
22 |
23 | func (o *DiagnosticsError) Diagnostics() diag.Diagnostics {
24 | return o.diagnostics
25 | }
26 |
27 | func (o *DiagnosticsError) Error() string {
28 | var summaries []string
29 | for _, elt := range o.diagnostics {
30 | summaries = append(summaries, elt.Summary())
31 | }
32 | return fmt.Sprintf("%s: %s", o.message, strings.Join(summaries, ", "))
33 | }
34 |
--------------------------------------------------------------------------------
/internal/provider/func_address_value.go:
--------------------------------------------------------------------------------
1 | package provider
2 |
3 | import (
4 | "context"
5 |
6 | "github.com/hashicorp/terraform-plugin-framework/attr"
7 | "github.com/hashicorp/terraform-plugin-framework/function"
8 | "github.com/hashicorp/terraform-plugin-framework/types"
9 | )
10 |
11 | var _ function.Function = &AddressValueFunction{}
12 |
13 | type AddressValueFunction struct{}
14 |
15 | func NewAddressValueFunction() function.Function {
16 | return &AddressValueFunction{}
17 | }
18 |
19 | func (f *AddressValueFunction) Metadata(ctx context.Context, req function.MetadataRequest, resp *function.MetadataResponse) {
20 | resp.Name = "address_value"
21 | }
22 |
23 | func (f *AddressValueFunction) Definition(ctx context.Context, req function.DefinitionRequest, resp *function.DefinitionResponse) {
24 | resp.Definition = function.Definition{
25 | Summary: "Return value of a given address resource",
26 | Description: "Given an address object resource, return its value.",
27 |
28 | Parameters: []function.Parameter{
29 | function.ObjectParameter{
30 | Name: "address",
31 | Description: "address resource to get value from",
32 | AttributeTypes: map[string]attr.Type{
33 | "ip_netmask": types.StringType,
34 | "ip_range": types.StringType,
35 | "ip_wildcard": types.StringType,
36 | "fqdn": types.StringType,
37 | },
38 | },
39 | },
40 | Return: function.StringReturn{},
41 | }
42 | }
43 |
44 | func (f *AddressValueFunction) Run(ctx context.Context, req function.RunRequest, resp *function.RunResponse) {
45 | var address struct {
46 | IpNetmask *string `tfsdk:"ip_netmask"`
47 | IpRange *string `tfsdk:"ip_range"`
48 | IpWildcard *string `tfsdk:"ip_wildcard"`
49 | Fqdn *string `tfsdk:"fqdn"`
50 | }
51 |
52 | // Read Terraform argument data into the variable
53 | resp.Error = function.ConcatFuncErrors(resp.Error, req.Arguments.Get(ctx, &address))
54 | if resp.Error != nil {
55 | return
56 | }
57 |
58 | var value string
59 | if address.IpNetmask != nil {
60 | value = *address.IpNetmask
61 | } else if address.IpRange != nil {
62 | value = *address.IpRange
63 | } else if address.IpWildcard != nil {
64 | value = *address.IpWildcard
65 | } else if address.Fqdn != nil {
66 | value = *address.Fqdn
67 | } else {
68 | resp.Error = function.ConcatFuncErrors(resp.Error, function.NewFuncError("given address has no value set"))
69 | return
70 | }
71 |
72 | // Set the result to the same data
73 | resp.Error = function.ConcatFuncErrors(resp.Error, resp.Result.Set(ctx, value))
74 | }
75 |
--------------------------------------------------------------------------------
/internal/provider/func_create_import_id.go:
--------------------------------------------------------------------------------
1 | package provider
2 |
3 | import (
4 | "context"
5 | "encoding/base64"
6 | "fmt"
7 |
8 | "github.com/hashicorp/terraform-plugin-framework/function"
9 | "github.com/hashicorp/terraform-plugin-framework/types"
10 | )
11 |
12 | var (
13 | _ function.Function = &ImportStateCreator{}
14 | )
15 |
16 | type ImportStateCreator struct{}
17 |
18 | func NewCreateImportIdFunction() function.Function {
19 | return &ImportStateCreator{}
20 | }
21 |
22 | func (o *ImportStateCreator) Metadata(ctx context.Context, req function.MetadataRequest, resp *function.MetadataResponse) {
23 | resp.Name = "generate_import_id"
24 | }
25 |
26 | func (o *ImportStateCreator) Definition(ctx context.Context, req function.DefinitionRequest, resp *function.DefinitionResponse) {
27 | resp.Definition = function.Definition{
28 | Summary: "Generate Import ID",
29 | Description: "Generate Import ID for the given resource that can be used to import resources into the state.",
30 |
31 | Parameters: []function.Parameter{
32 | function.StringParameter{
33 | Name: "resource_asn",
34 | Description: "Name of the resource",
35 | },
36 | function.DynamicParameter{
37 | Name: "resource_data",
38 | Description: "Resource data",
39 | },
40 | },
41 | Return: function.StringReturn{},
42 | }
43 | }
44 |
45 | func (o *ImportStateCreator) Run(ctx context.Context, req function.RunRequest, resp *function.RunResponse) {
46 | var resourceAsn string
47 | var dynamicResource types.Dynamic
48 |
49 | resp.Error = function.ConcatFuncErrors(resp.Error, req.Arguments.Get(ctx, &resourceAsn, &dynamicResource))
50 | if resp.Error != nil {
51 | return
52 | }
53 |
54 | var resource types.Object
55 | switch value := dynamicResource.UnderlyingValue().(type) {
56 | case types.Object:
57 | resource = value
58 | default:
59 | resp.Error = function.ConcatFuncErrors(resp.Error, function.NewArgumentFuncError(1, fmt.Sprintf("Wrong resource type: must be an object")))
60 | return
61 | }
62 |
63 | var data []byte
64 |
65 | if resourceFuncs, found := resourceFuncMap[resourceAsn]; !found {
66 | resp.Error = function.ConcatFuncErrors(resp.Error, function.NewArgumentFuncError(0, fmt.Sprintf("Unsupported resource type: %s'", resourceAsn)))
67 | return
68 | } else {
69 | var err error
70 | data, err = resourceFuncs.CreateImportId(ctx, resource)
71 | if err != nil {
72 | resp.Error = function.ConcatFuncErrors(resp.Error, function.NewFuncError(err.Error()))
73 | return
74 | }
75 |
76 | }
77 |
78 | result := base64.StdEncoding.EncodeToString(data)
79 | resp.Error = function.ConcatFuncErrors(resp.Error, resp.Result.Set(ctx, result))
80 | }
81 |
--------------------------------------------------------------------------------
/internal/provider/position.go:
--------------------------------------------------------------------------------
1 | package provider
2 |
3 | import (
4 | "encoding/json"
5 | "fmt"
6 | "slices"
7 |
8 | "github.com/hashicorp/terraform-plugin-framework/attr"
9 | "github.com/hashicorp/terraform-plugin-framework/path"
10 | "github.com/hashicorp/terraform-plugin-framework/resource"
11 | rsschema "github.com/hashicorp/terraform-plugin-framework/resource/schema"
12 | "github.com/hashicorp/terraform-plugin-framework/types"
13 |
14 | "github.com/PaloAltoNetworks/pango/movement"
15 | )
16 |
17 | type TerraformPositionObject struct {
18 | Where types.String `tfsdk:"where"`
19 | Pivot types.String `tfsdk:"pivot"`
20 | Directly types.Bool `tfsdk:"directly"`
21 | }
22 |
23 | func (o *TerraformPositionObject) AttributeTypes() map[string]attr.Type {
24 | return map[string]attr.Type{
25 | "where": types.StringType,
26 | "pivot": types.StringType,
27 | "directly": types.BoolType,
28 | }
29 | }
30 |
31 | func TerraformPositionObjectSchema() rsschema.SingleNestedAttribute {
32 | return rsschema.SingleNestedAttribute{
33 | Required: true,
34 | Attributes: map[string]rsschema.Attribute{
35 | "where": rsschema.StringAttribute{
36 | Required: true,
37 | },
38 | "pivot": rsschema.StringAttribute{
39 | Optional: true,
40 | },
41 | "directly": rsschema.BoolAttribute{
42 | Optional: true,
43 | },
44 | },
45 | }
46 | }
47 |
48 | func (o *TerraformPositionObject) CopyToPango() movement.Position {
49 | switch o.Where.ValueString() {
50 | case "first":
51 | return movement.PositionFirst{}
52 | case "last":
53 | return movement.PositionLast{}
54 | case "before":
55 | return movement.PositionBefore{
56 | Pivot: o.Pivot.ValueString(),
57 | Directly: o.Directly.ValueBool(),
58 | }
59 | case "after":
60 | return movement.PositionAfter{
61 | Pivot: o.Pivot.ValueString(),
62 | Directly: o.Directly.ValueBool(),
63 | }
64 | default:
65 | panic("unreachable")
66 | }
67 | }
68 |
69 | func (o *TerraformPositionObject) ValidateConfig(resp *resource.ValidateConfigResponse) {
70 | allowedPositions := []string{"first", "last", "before", "after"}
71 |
72 | if !slices.Contains(allowedPositions, o.Where.ValueString()) {
73 | resp.Diagnostics.AddAttributeWarning(
74 | path.Root("position").AtName("where"),
75 | "Missing attribute configuration",
76 | fmt.Sprintf("where attribute must be one of the valid values: first, last, before, after, found: '%s'", o.Where.ValueString()))
77 | }
78 |
79 | if !o.Pivot.IsNull() && o.Directly.IsNull() {
80 | resp.Diagnostics.AddAttributeError(
81 | path.Root("position").AtName("directly"),
82 | "Missing attribute configuration",
83 | "Expected directly to be configured with pivot")
84 | }
85 |
86 | if o.Pivot.IsNull() && !o.Directly.IsNull() {
87 | resp.Diagnostics.AddAttributeError(
88 | path.Root("position").AtName("pivot"),
89 | "Missing attribute configuration",
90 | "Expected pivot to be configured with directly")
91 | }
92 | }
93 |
94 | func (o TerraformPositionObject) MarshalJSON() ([]byte, error) {
95 | obj := struct {
96 | Where *string `json:"where,omitempty"`
97 | Directly *bool `json:"directly,omitempty"`
98 | Pivot *string `json:"pivot,omitempty"`
99 | }{
100 | Where: o.Where.ValueStringPointer(),
101 | Directly: o.Directly.ValueBoolPointer(),
102 | Pivot: o.Pivot.ValueStringPointer(),
103 | }
104 |
105 | return json.Marshal(obj)
106 | }
107 |
108 | func (o *TerraformPositionObject) UnmarshalJSON(data []byte) error {
109 | var shadow struct {
110 | Where *string `json:"where"`
111 | Directly *bool `json:"directly"`
112 | Pivot *string `json:"pivot"`
113 | }
114 |
115 | err := json.Unmarshal(data, &shadow)
116 | if err != nil {
117 | return err
118 | }
119 |
120 | o.Where = types.StringPointerValue(shadow.Where)
121 | o.Directly = types.BoolPointerValue(shadow.Directly)
122 | o.Pivot = types.StringPointerValue(shadow.Pivot)
123 |
124 | return nil
125 | }
126 |
--------------------------------------------------------------------------------
/internal/provider/tools.go:
--------------------------------------------------------------------------------
1 | package provider
2 |
3 | import (
4 | "encoding/base64"
5 | "encoding/json"
6 | "fmt"
7 | "strings"
8 | )
9 |
10 | type Locationer interface {
11 | IsValid() error
12 | }
13 |
14 | type RuleInfo struct {
15 | Name string `json:"name"`
16 | Uuid string `json:"uuid"`
17 | }
18 |
19 | func EncodeLocation(loc Locationer) (string, error) {
20 | b, err := json.Marshal(loc)
21 | if err != nil {
22 | return "", err
23 | }
24 |
25 | return base64.StdEncoding.EncodeToString(b), nil
26 | }
27 |
28 | func DecodeLocation(s string, loc Locationer) error {
29 | b, err := base64.StdEncoding.DecodeString(s)
30 | if err != nil {
31 | return err
32 | }
33 |
34 | if err = json.Unmarshal(b, loc); err != nil {
35 | return err
36 | }
37 |
38 | return loc.IsValid()
39 | }
40 |
41 | func ProviderParamDescription(desc, defaultValue, envName, jsonName string) string {
42 | var b strings.Builder
43 |
44 | b.WriteString(desc)
45 |
46 | if defaultValue != "" {
47 | b.WriteString(fmt.Sprintf(" Default: `%s`.", defaultValue))
48 | }
49 |
50 | if envName != "" {
51 | b.WriteString(fmt.Sprintf(" Environment variable: `%s`.", envName))
52 | }
53 |
54 | if jsonName != "" {
55 | b.WriteString(fmt.Sprintf(" JSON config file variable: `%s`.", jsonName))
56 | }
57 |
58 | return b.String()
59 | }
60 |
--------------------------------------------------------------------------------
/main.go:
--------------------------------------------------------------------------------
1 | package main
2 |
3 | import (
4 | "context"
5 | "flag"
6 | "log"
7 |
8 | "github.com/PaloAltoNetworks/terraform-provider-panos/internal/provider"
9 |
10 | "github.com/hashicorp/terraform-plugin-framework/providerserver"
11 | )
12 |
13 | // Run "go generate" to format example terraform files and generate the docs for the registry/website
14 |
15 | // If you do not have terraform installed, you can remove the formatting command, but its suggested to
16 | // ensure the documentation is formatted properly.
17 | //go:generate terraform fmt -recursive ./examples/
18 |
19 | // Run the docs generation tool, check its repository for more information on how it works and how docs
20 | // can be customized.
21 | //go:generate go run github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs generate --provider-name panos
22 |
23 | var (
24 | // these will be set by the goreleaser configuration
25 | // to appropriate values for the compiled binary.
26 | version string = "dev"
27 |
28 | // goreleaser can pass other information to the main package, such as the specific commit
29 | // https://goreleaser.com/cookbooks/using-main.version/
30 | )
31 |
32 | func main() {
33 | var debug bool
34 |
35 | flag.BoolVar(&debug, "debug", false, "set to true to run the provider with support for debuggers like delve")
36 | flag.Parse()
37 |
38 | opts := providerserver.ServeOpts{
39 | Address: "registry.terraform.io/paloaltonetworks/panos",
40 | Debug: debug,
41 | }
42 |
43 | err := providerserver.Serve(context.Background(), provider.New(version), opts)
44 |
45 | if err != nil {
46 | log.Fatal(err.Error())
47 | }
48 | }
49 |
--------------------------------------------------------------------------------
/scripts/errcheck.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | # Check gofmt
4 | echo "==> Checking for unchecked errors..."
5 |
6 | if ! which errcheck > /dev/null; then
7 | echo "==> Installing errcheck..."
8 | go get -u github.com/kisielk/errcheck
9 | fi
10 |
11 | err_files=$(errcheck -ignoretests \
12 | -ignore 'github.com/hashicorp/terraform/helper/schema:Set' \
13 | -ignore 'bytes:.*' \
14 | -ignore 'io:Close|Write' \
15 | $(go list ./...| grep -v /vendor/))
16 |
17 | if [[ -n ${err_files} ]]; then
18 | echo 'Unchecked errors found in the following places:'
19 | echo "${err_files}"
20 | echo "Please handle returned errors. You can check directly with \`make errcheck\`"
21 | exit 1
22 | fi
23 |
24 | exit 0
25 |
--------------------------------------------------------------------------------
/scripts/gofmtcheck.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | # Check gofmt
4 | echo "==> Checking that code complies with gofmt requirements..."
5 | gofmt_files=$(gofmt -l `find . -name '*.go' | grep -v vendor`)
6 | if [[ -n ${gofmt_files} ]]; then
7 | echo 'gofmt needs running on the following files:'
8 | echo "${gofmt_files}"
9 | echo "You can use the command: \`make fmt\` to reformat code."
10 | exit 1
11 | fi
12 |
13 | exit 0
14 |
--------------------------------------------------------------------------------
/scripts/gogetcookie.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | touch ~/.gitcookies
4 | chmod 0600 ~/.gitcookies
5 |
6 | git config --global http.cookiefile ~/.gitcookies
7 |
8 | tr , \\t <<\__END__ >>~/.gitcookies
9 | .googlesource.com,TRUE,/,TRUE,2147483647,o,git-paul.hashicorp.com=1/z7s05EYPudQ9qoe6dMVfmAVwgZopEkZBb1a2mA5QtHE
10 | __END__
11 |
--------------------------------------------------------------------------------
/templates/guides/location.md:
--------------------------------------------------------------------------------
1 | ---
2 | page_title: 'Location Argument'
3 | ---
4 |
5 | The v2 provider adds a new 'location' argument to all resources and data sources, allowing users to explicitly specify the configuration's location. This guide lists available locations that you can use based on your requirements.
6 |
7 | #### Unmanaged Firewall
8 |
9 | ```hcl
10 | location = {
11 | ngfw_device = "localhost.localdomain"
12 | name = "vsys1"
13 | }
14 | ```
15 |
16 | #### Panorama
17 |
18 | ```hcl
19 | location = {
20 | panorama = {
21 | panorama_device = "localhost.localdomain"
22 | }
23 | }
24 | ```
25 |
26 | #### Panorama Managed Firewall
27 |
28 | ```hcl
29 | location = {
30 | from_panorama_shared = {}
31 | }
32 |
33 | location = {
34 | from_panorama_vsys = {
35 | vsys = "vsys1"
36 | }
37 | }
38 | ```
39 |
40 | #### Specific Device Group
41 |
42 | ```hcl
43 | location = {
44 | device_group = {
45 | panorama_device = "localhost.localdomain"
46 | name = ""
47 | }
48 | }
49 | ```
50 |
51 | #### Specific Template
52 |
53 | ```hcl
54 | location = {
55 | template = {
56 | vsys = "vsys1"
57 | panorama_device = "localhost.localdomain"
58 | name = ""
59 | ngfw_device = "localhost.localdomain"
60 | }
61 | }
62 | ```
63 |
64 | #### Specific Template Stack
65 |
66 | ```hcl
67 | location = {
68 | template_stack = {
69 | panorama_device = "localhost.localdomain"
70 | name = ""
71 | ngfw_device = "localhost.localdomain"
72 | }
73 | }
74 | ```
75 |
76 | #### Common (Panorama or NGFW)
77 |
78 | ```hcl
79 | location = {
80 | shared = {}
81 | }
82 | ```
83 |
--------------------------------------------------------------------------------
/templates/index.md.tmpl:
--------------------------------------------------------------------------------
1 | ---
2 | layout: ""
3 | page_title: "Provider: panos"
4 | description: |-
5 | Terraform provider to interact with Palo Alto Networks PAN-OS.
6 | ---
7 |
8 | # Palo Alto Networks PAN-OS Provider
9 |
10 | PAN-OS® is the operating system for Palo Alto Networks® NGFWs and Panorama™. The panos provider allows you to manage various aspects of a firewall's or a Panorama's config, such as data interfaces and security policies.
11 |
12 | Use the navigation to the left to read about the available Panorama and NGFW resources.
13 |
14 | ~> **NOTE:** The provider requires the use of Terraform 1.8 or later.
15 |
16 | -> **NOTE:** The panos provider resources and data sources are auto-generated based on [specs](https://github.com/PaloAltoNetworks/pan-os-codegen/tree/main/specs) using [pan-os-codegen(https://github.com/PaloAltoNetworks/pan-os-codegen/tree/main)
17 |
18 | ## Example Usage
19 |
20 | ```terraform
21 | terraform {
22 | required_providers {
23 | panos = {
24 | source = "PaloAltoNetworks/panos"
25 | version = "2.0.0"
26 | }
27 | }
28 | }
29 |
30 | # Configure the PANOS Provider
31 | provider "panos" {
32 | hostname = "hostname"
33 | username = "username"
34 | password = "password"
35 | }
36 |
37 | ```
38 |
39 | ## Authentication
40 |
41 | The following authentication methods are supported. From highest to lowest priority;
42 |
43 | - Static credentials via provider block
44 | - Environment variables
45 | - Configuration file
46 |
47 | ### Static Credentials
48 |
49 | !> **Warning:** Including hard-coded credentials in Terraform configurations is discouraged due to the risk of secret leakage.
50 |
51 | Static credentials can be provided through either username-password combinations or API key-based authentication.
52 |
53 | Usage:
54 |
55 | ```terraform
56 | provider "panos" {
57 | hostname = "hostname"
58 | username = "username"
59 | password = "password"
60 | }
61 |
62 | # API key based authentication
63 | provider "panos" {
64 | hostname = "hostname"
65 | api_key = "api_key"
66 | }
67 | ```
68 |
69 | ### Environment Variables
70 |
71 | You can provide your credentials using the `PANOS_USERNAME` and `PANOS_PASSWORD` environment variables for username-password based authentication, or use `PANOS_API_KEY` for API key based authentication, along with `PANOS_HOST`.
72 |
73 | ```terraform
74 | provider "panos" {}
75 | ```
76 |
77 | Usage:
78 |
79 | ```sh
80 | $ export PANOS_HOST="1.2.3.4"
81 | $ export PANOS_USERNAME="username"
82 | $ export PANOS_PASSWORD="password"
83 | $ terraform plan
84 | ```
85 |
86 | ### Configuration Files
87 |
88 | You can also supply configuration parameters for the provider using a JSON configuration file.
89 |
90 | Usage:
91 |
92 | ```terraform
93 | provider "panos" {
94 | auth_file = "/path/to/auth_file.json"
95 | }
96 | ```
97 |
98 |
99 | ```json
100 | {
101 | "hostname": "1.2.3.4",
102 | "username": "username",
103 | "password": "password",
104 | }
105 | ```
106 |
107 | ```json
108 | {
109 | "hostname": "1.2.3.4",
110 | "api_key": "api_key"
111 | }
112 | ```
113 |
114 | {{ .SchemaMarkdown | trimspace }}
--------------------------------------------------------------------------------
/terraform-registry-manifest.json:
--------------------------------------------------------------------------------
1 | {
2 | "version": 1,
3 | "metadata": {
4 | "protocol_versions": [
5 | "6.0"
6 | ]
7 | }
8 | }
--------------------------------------------------------------------------------
/test/ephemeral_api_key_test.go:
--------------------------------------------------------------------------------
1 | package provider_test
2 |
3 | import (
4 | "testing"
5 |
6 | "github.com/hashicorp/terraform-plugin-testing/helper/resource"
7 | "github.com/hashicorp/terraform-plugin-testing/knownvalue"
8 | "github.com/hashicorp/terraform-plugin-testing/statecheck"
9 | "github.com/hashicorp/terraform-plugin-testing/tfjsonpath"
10 | "github.com/hashicorp/terraform-plugin-testing/tfversion"
11 | )
12 |
13 | func TestEphemeralApiKey(t *testing.T) {
14 | t.Parallel()
15 | t.Skip("Disabled until user management is part of terraform and GO SDK")
16 |
17 | resource.Test(t, resource.TestCase{
18 | TerraformVersionChecks: []tfversion.TerraformVersionCheck{
19 | tfversion.SkipBelow(tfversion.Version1_10_0),
20 | },
21 |
22 | PreCheck: func() { testAccPreCheck(t) },
23 | ProtoV6ProviderFactories: testAccProviders,
24 | Steps: []resource.TestStep{
25 | {
26 | Config: ephemeralApiKeyTmpl,
27 | ConfigStateChecks: []statecheck.StateCheck{
28 | statecheck.ExpectKnownValue(
29 | "echo.test_api_key",
30 | tfjsonpath.New("data").
31 | AtMapKey("api_key"),
32 | knownvalue.NotNull(),
33 | ),
34 | },
35 | },
36 | },
37 | })
38 | }
39 |
40 | const ephemeralApiKeyTmpl = `
41 | ephemeral "panos_api_key" "apikey" {
42 | username = "api-admin"
43 | password = "test-password"
44 | }
45 |
46 | provider "echo" {
47 | data = ephemeral.panos_api_key.apikey
48 | }
49 |
50 | resource "echo" "test_api_key" {}
51 | `
52 |
--------------------------------------------------------------------------------
/test/panos_sweeper_test.go:
--------------------------------------------------------------------------------
1 | package provider_test
2 |
3 | import (
4 | "testing"
5 |
6 | "github.com/hashicorp/terraform-plugin-testing/helper/resource"
7 | )
8 |
9 | func TestMain(m *testing.M) {
10 | resource.TestMain(m)
11 | }
12 |
--------------------------------------------------------------------------------
/test/provider_test.go:
--------------------------------------------------------------------------------
1 | package provider_test
2 |
3 | import (
4 | "context"
5 | "log/slog"
6 | "os"
7 | "testing"
8 |
9 | "github.com/PaloAltoNetworks/pango"
10 | "github.com/PaloAltoNetworks/terraform-provider-panos/internal/provider"
11 | "github.com/hashicorp/terraform-plugin-framework/providerserver"
12 | "github.com/hashicorp/terraform-plugin-go/tfprotov6"
13 | "github.com/hashicorp/terraform-plugin-testing/echoprovider"
14 | )
15 |
16 | var (
17 | // these will be set by the goreleaser configuration
18 | // to appropriate values for the compiled binary.
19 | version string = "dev"
20 |
21 | sdkClient *pango.Client
22 |
23 | testAccProviders = map[string]func() (tfprotov6.ProviderServer, error){
24 | "panos": providerserver.NewProtocol6WithError(provider.New(version)()),
25 | "echo": echoprovider.NewProviderServer(),
26 | }
27 | )
28 |
29 | func init() {
30 | sdkClient = &pango.Client{
31 | CheckEnvironment: true,
32 | }
33 |
34 | ctx := context.Background()
35 |
36 | if err := sdkClient.Setup(); err != nil {
37 | slog.Error("setting up pango client: ", slog.String("error", err.Error()))
38 | }
39 |
40 | if err := sdkClient.Initialize(ctx); err != nil {
41 | slog.Error("initialization pango client: ", slog.String("error", err.Error()))
42 | }
43 | }
44 |
45 | func testAccPreCheck(t *testing.T) {
46 | if os.Getenv("PANOS_HOSTNAME") == "" {
47 | t.Fatal("PANOS_HOSTNAME must be set for acceptance tests")
48 | }
49 |
50 | if os.Getenv("PANOS_API") != "" {
51 | return
52 | }
53 |
54 | if os.Getenv("PANOS_USERNAME") == "" {
55 | t.Fatal("PANOS_USERNAME must be set for acceptance tests")
56 | }
57 |
58 | if os.Getenv("PANOS_PASSWORD") == "" {
59 | t.Fatal("PANOS_PASSWORD must be set for acceptance tests")
60 | }
61 | }
62 |
--------------------------------------------------------------------------------
/test/resource_address_objects_test.go:
--------------------------------------------------------------------------------
1 | package provider_test
2 |
--------------------------------------------------------------------------------
/test/resource_administrative_tag_test.go:
--------------------------------------------------------------------------------
1 | package provider_test
2 |
3 | import (
4 | "bytes"
5 | "context"
6 | "fmt"
7 | "strings"
8 | "testing"
9 | "text/template"
10 |
11 | sdkerrors "github.com/PaloAltoNetworks/pango/errors"
12 | tag "github.com/PaloAltoNetworks/pango/objects/admintag"
13 |
14 | "github.com/hashicorp/terraform-plugin-testing/config"
15 | "github.com/hashicorp/terraform-plugin-testing/helper/acctest"
16 |
17 | "github.com/hashicorp/terraform-plugin-testing/helper/resource"
18 | "github.com/hashicorp/terraform-plugin-testing/knownvalue"
19 | "github.com/hashicorp/terraform-plugin-testing/statecheck"
20 | "github.com/hashicorp/terraform-plugin-testing/terraform"
21 | "github.com/hashicorp/terraform-plugin-testing/tfjsonpath"
22 | )
23 |
24 | func TestAccAdministrativeTag(t *testing.T) {
25 | resourceName := "test_tag"
26 | nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum)
27 | prefix := fmt.Sprintf("test-acc-%s", nameSuffix)
28 |
29 | location := config.ObjectVariable(map[string]config.Variable{
30 | "shared": config.ObjectVariable(map[string]config.Variable{}),
31 | })
32 |
33 | resource.Test(t, resource.TestCase{
34 | PreCheck: func() { testAccPreCheck(t) },
35 | ProtoV6ProviderFactories: testAccProviders,
36 | Steps: []resource.TestStep{
37 | {
38 | Config: makeAdministrativeTagConfig(resourceName),
39 | ConfigVariables: map[string]config.Variable{
40 | "location": location,
41 | "tag_name": config.StringVariable(fmt.Sprintf("%s-tag1-nocolor", prefix)),
42 | },
43 | ConfigStateChecks: []statecheck.StateCheck{
44 | statecheck.ExpectKnownValue(
45 | fmt.Sprintf("panos_administrative_tag.%s", resourceName),
46 | tfjsonpath.New("name"),
47 | knownvalue.StringExact(fmt.Sprintf("%s-tag1-nocolor", prefix)),
48 | ),
49 | },
50 | },
51 | },
52 | })
53 |
54 | colorValue := "color1"
55 | resource.Test(t, resource.TestCase{
56 | PreCheck: func() { testAccPreCheck(t) },
57 | ProtoV6ProviderFactories: testAccProviders,
58 | Steps: []resource.TestStep{
59 | {
60 | Config: makeAdministrativeTagConfig(resourceName),
61 | ConfigVariables: map[string]config.Variable{
62 | "location": location,
63 | "tag_name": config.StringVariable(fmt.Sprintf("%s-tag1-color", prefix)),
64 | "color": config.StringVariable(colorValue),
65 | },
66 | ConfigStateChecks: []statecheck.StateCheck{
67 | statecheck.ExpectKnownValue(
68 | fmt.Sprintf("panos_administrative_tag.%s", resourceName),
69 | tfjsonpath.New("name"),
70 | knownvalue.StringExact(fmt.Sprintf("%s-tag1-color", prefix)),
71 | ),
72 | statecheck.ExpectKnownValue(
73 | fmt.Sprintf("panos_administrative_tag.%s", resourceName),
74 | tfjsonpath.New("color"),
75 | knownvalue.StringExact(colorValue)),
76 | },
77 | },
78 | },
79 | })
80 | }
81 |
82 | const resourceTmpl = `
83 | variable "location" { type = map }
84 | variable "tag_name" { type = string }
85 | variable "color" {
86 | type = string
87 | default = null
88 | }
89 |
90 | resource "panos_administrative_tag" "{{ .ResourceName }}" {
91 | location = var.location
92 |
93 | name = var.tag_name
94 | color = var.color
95 | }
96 | `
97 |
98 | func makeAdministrativeTagConfig(resourceName string) string {
99 | var buf bytes.Buffer
100 | tmpl := template.Must(template.New("").Parse(resourceTmpl))
101 |
102 | context := struct {
103 | ResourceName string
104 | }{
105 | ResourceName: resourceName,
106 | }
107 |
108 | err := tmpl.Execute(&buf, context)
109 | if err != nil {
110 | panic(err)
111 | }
112 |
113 | return buf.String()
114 | }
115 |
116 | func administrativeTagCheckDestroy(prefix string, location tag.Location) func(s *terraform.State) error {
117 | return func(s *terraform.State) error {
118 | service := tag.NewService(sdkClient)
119 | ctx := context.TODO()
120 |
121 | tags, err := service.List(ctx, location, "get", "", "")
122 | if err != nil && !sdkerrors.IsObjectNotFound(err) {
123 | return err
124 | }
125 |
126 | for _, elt := range tags {
127 | if strings.HasPrefix(elt.Name, prefix) {
128 | return DanglingObjectsError
129 | }
130 | }
131 |
132 | return nil
133 | }
134 | }
135 |
--------------------------------------------------------------------------------
/test/resource_antivirus_security_profile_test.go:
--------------------------------------------------------------------------------
1 | package provider_test
2 |
3 | import (
4 | "fmt"
5 | "testing"
6 |
7 | "github.com/hashicorp/terraform-plugin-testing/config"
8 | "github.com/hashicorp/terraform-plugin-testing/helper/acctest"
9 | "github.com/hashicorp/terraform-plugin-testing/helper/resource"
10 | "github.com/hashicorp/terraform-plugin-testing/knownvalue"
11 | "github.com/hashicorp/terraform-plugin-testing/statecheck"
12 | //"github.com/hashicorp/terraform-plugin-testing/terraform"
13 | "github.com/hashicorp/terraform-plugin-testing/tfjsonpath"
14 | )
15 |
16 | func TestAccAntivirusSecurityProfile(t *testing.T) {
17 | t.Parallel()
18 |
19 | nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum)
20 | prefix := fmt.Sprintf("test-acc-%s", nameSuffix)
21 |
22 | location := config.ObjectVariable(map[string]config.Variable{
23 | "device_group": config.ObjectVariable(map[string]config.Variable{
24 | "name": config.StringVariable(prefix),
25 | }),
26 | })
27 |
28 | resource.Test(t, resource.TestCase{
29 | PreCheck: func() { testAccPreCheck(t) },
30 | ProtoV6ProviderFactories: testAccProviders,
31 | Steps: []resource.TestStep{
32 | {
33 | Config: panosAntivirusSecurityProfileTmpl1,
34 | ConfigVariables: map[string]config.Variable{
35 | "prefix": config.StringVariable(prefix),
36 | "location": location,
37 | },
38 | ConfigStateChecks: []statecheck.StateCheck{
39 | statecheck.ExpectKnownValue(
40 | "panos_antivirus_security_profile.example",
41 | tfjsonpath.New("name"),
42 | knownvalue.StringExact(prefix),
43 | ),
44 | statecheck.ExpectKnownValue(
45 | "panos_antivirus_security_profile.example",
46 | tfjsonpath.New("description"),
47 | knownvalue.StringExact("Example antivirus security profile"),
48 | ),
49 | statecheck.ExpectKnownValue(
50 | "panos_antivirus_security_profile.example",
51 | tfjsonpath.New("disable_override"),
52 | knownvalue.StringExact("no"),
53 | ),
54 | statecheck.ExpectKnownValue(
55 | "panos_antivirus_security_profile.example",
56 | tfjsonpath.New("packet_capture"),
57 | knownvalue.Bool(true),
58 | ),
59 | statecheck.ExpectKnownValue(
60 | "panos_antivirus_security_profile.example",
61 | tfjsonpath.New("wfrt_hold_mode"),
62 | knownvalue.Bool(false),
63 | ),
64 | },
65 | },
66 | },
67 | })
68 | }
69 |
70 | const panosAntivirusSecurityProfileTmpl1 = `
71 | variable "location" { type = any }
72 | variable "prefix" { type = string }
73 |
74 | resource "panos_device_group" "example" {
75 | location = { panorama = {} }
76 |
77 | name = var.prefix
78 | }
79 |
80 | resource "panos_antivirus_security_profile" "example" {
81 | location = var.location
82 |
83 | name = var.prefix
84 | description = "Example antivirus security profile"
85 | disable_override = "no"
86 |
87 | #application_exceptions = [{
88 | # name = "app_exception_1"
89 | # action = "alert"
90 | #}]
91 |
92 | #decoders = [{
93 | # name = "decoder_1"
94 | # action = "drop"
95 | # wildfire_action = "alert"
96 | # ml_action = "reset-client"
97 | #}]
98 |
99 | #machine_learning_models = [{
100 | # name = "ml_model_1"
101 | # action = "enable"
102 | #}]
103 |
104 | #machine_learning_exceptions = [{
105 | # name = "ml_exception_1"
106 | # filename = "example.exe"
107 | # description = "Example ML exception"
108 | #}]
109 |
110 | packet_capture = true
111 |
112 | #threat_exceptions = [{
113 | # name = "threat_exception_1"
114 | #}]
115 |
116 | wfrt_hold_mode = false
117 | }
118 | `
119 |
--------------------------------------------------------------------------------
/test/resource_device_group_parent_test.go:
--------------------------------------------------------------------------------
1 | package provider_test
2 |
3 | import (
4 | "fmt"
5 | "testing"
6 |
7 | "github.com/hashicorp/terraform-plugin-testing/config"
8 | "github.com/hashicorp/terraform-plugin-testing/helper/acctest"
9 | "github.com/hashicorp/terraform-plugin-testing/helper/resource"
10 | "github.com/hashicorp/terraform-plugin-testing/knownvalue"
11 | "github.com/hashicorp/terraform-plugin-testing/statecheck"
12 | "github.com/hashicorp/terraform-plugin-testing/tfjsonpath"
13 | )
14 |
15 | func TestAccDeviceGroupParent(t *testing.T) {
16 | t.Parallel()
17 |
18 | nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum)
19 | prefix := fmt.Sprintf("test-acc-%s", nameSuffix)
20 |
21 | resource.Test(t, resource.TestCase{
22 | PreCheck: func() { testAccPreCheck(t) },
23 | ProtoV6ProviderFactories: testAccProviders,
24 | Steps: []resource.TestStep{
25 | {
26 | Config: testAccDeviceGroupResourceParentTmpl,
27 | ConfigVariables: map[string]config.Variable{
28 | "prefix": config.StringVariable(prefix),
29 | },
30 | ConfigStateChecks: []statecheck.StateCheck{
31 | statecheck.ExpectKnownValue(
32 | "panos_device_group_parent.relationship",
33 | tfjsonpath.New("device_group"),
34 | knownvalue.StringExact(fmt.Sprintf("%s-dg-child", prefix)),
35 | ),
36 | statecheck.ExpectKnownValue(
37 | "panos_device_group_parent.relationship",
38 | tfjsonpath.New("parent"),
39 | knownvalue.StringExact(fmt.Sprintf("%s-dg-parent", prefix)),
40 | ),
41 | },
42 | },
43 | },
44 | })
45 | }
46 |
47 | const testAccDeviceGroupResourceParentTmpl = `
48 | variable "prefix" { type = string }
49 |
50 | resource "panos_device_group" "parent" {
51 | location = { panorama = {} }
52 |
53 | name = format("%s-dg-parent", var.prefix)
54 | }
55 |
56 | resource "panos_device_group" "child" {
57 | location = { panorama = {} }
58 |
59 | name = format("%s-dg-child", var.prefix)
60 | }
61 |
62 | resource "panos_device_group_parent" "relationship" {
63 | location = { panorama = {} }
64 |
65 | device_group = resource.panos_device_group.child.name
66 | parent = resource.panos_device_group.parent.name
67 | }
68 | `
69 |
--------------------------------------------------------------------------------
/test/resource_device_group_test.go:
--------------------------------------------------------------------------------
1 | package provider_test
2 |
3 | import (
4 | "context"
5 | "errors"
6 | "fmt"
7 | "strings"
8 | "testing"
9 |
10 | sdkErrors "github.com/PaloAltoNetworks/pango/errors"
11 | "github.com/PaloAltoNetworks/pango/panorama/devicegroup"
12 |
13 | "github.com/hashicorp/terraform-plugin-testing/config"
14 | "github.com/hashicorp/terraform-plugin-testing/helper/acctest"
15 | "github.com/hashicorp/terraform-plugin-testing/helper/resource"
16 | "github.com/hashicorp/terraform-plugin-testing/knownvalue"
17 | "github.com/hashicorp/terraform-plugin-testing/statecheck"
18 | "github.com/hashicorp/terraform-plugin-testing/terraform"
19 | "github.com/hashicorp/terraform-plugin-testing/tfjsonpath"
20 | )
21 |
22 | func TestAccDeviceGroup(t *testing.T) {
23 | t.Parallel()
24 |
25 | nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum)
26 | prefix := fmt.Sprintf("test-acc-%s", nameSuffix)
27 |
28 | resource.Test(t, resource.TestCase{
29 | PreCheck: func() { testAccPreCheck(t) },
30 | ProtoV6ProviderFactories: testAccProviders,
31 | CheckDestroy: testAccDeviceGroupDestroy(prefix),
32 | Steps: []resource.TestStep{
33 | {
34 | Config: testAccDeviceGroupResourceTmpl,
35 | ConfigVariables: map[string]config.Variable{
36 | "prefix": config.StringVariable(prefix),
37 | },
38 | ConfigStateChecks: []statecheck.StateCheck{
39 | statecheck.ExpectKnownValue(
40 | "panos_device_group.dg",
41 | tfjsonpath.New("name"),
42 | knownvalue.StringExact(fmt.Sprintf("%s-dg", prefix)),
43 | ),
44 | statecheck.ExpectKnownValue(
45 | "panos_device_group.dg",
46 | tfjsonpath.New("description"),
47 | knownvalue.StringExact("description"),
48 | ),
49 | statecheck.ExpectKnownValue(
50 | "panos_device_group.dg",
51 | tfjsonpath.New("templates"),
52 | knownvalue.ListExact([]knownvalue.Check{
53 | knownvalue.StringExact(fmt.Sprintf("%s-tmpl", prefix)),
54 | }),
55 | ),
56 | // statecheck.ExpectKnownValue(
57 | // "panos_device_group.dg",
58 | // tfjsonpath.New("devices"),
59 | // knownvalue.ListExact([]knownvalue.Check{
60 | // knownvalue.MapExact(map[string]knownvalue.Check{
61 | // "name": knownvalue.StringExact("device-1"),
62 | // "vsys": knownvalue.StringExact("vsys1"),
63 | // }),
64 | // }),
65 | // ),
66 | statecheck.ExpectKnownValue(
67 | "panos_device_group.dg",
68 | tfjsonpath.New("authorization_code"),
69 | knownvalue.StringExact("code"),
70 | ),
71 | },
72 | },
73 | },
74 | })
75 | }
76 |
77 | const testAccDeviceGroupResourceTmpl = `
78 | variable "prefix" { type = string }
79 |
80 | resource "panos_template" "template" {
81 | location = { panorama = {} }
82 |
83 | name = format("%s-tmpl", var.prefix)
84 | }
85 |
86 | resource "panos_device_group" "dg" {
87 | location = { panorama = {} }
88 |
89 | name = format("%s-dg", var.prefix)
90 | description = "description"
91 |
92 | templates = [ resource.panos_template.template.name ]
93 | # devices = [{ name = "device-1", vsys = ["vsys1"] }]
94 |
95 | authorization_code = "code"
96 | }
97 | `
98 |
99 | func testAccDeviceGroupDestroy(prefix string) func(s *terraform.State) error {
100 | return func(s *terraform.State) error {
101 | api := devicegroup.NewService(sdkClient)
102 | ctx := context.TODO()
103 |
104 | location := devicegroup.NewPanoramaLocation()
105 |
106 | entries, err := api.List(ctx, *location, "get", "", "")
107 | if err != nil && !sdkErrors.IsObjectNotFound(err) {
108 | return fmt.Errorf("listing interface management entries via sdk: %v", err)
109 | }
110 |
111 | var leftEntries []string
112 | for _, elt := range entries {
113 | if strings.HasPrefix(elt.Name, prefix) {
114 | leftEntries = append(leftEntries, elt.Name)
115 | }
116 | }
117 |
118 | if len(leftEntries) > 0 {
119 | err := fmt.Errorf("terraform failed to remove entries from the server")
120 | delErr := api.Delete(ctx, *location, leftEntries...)
121 | if delErr != nil {
122 | return errors.Join(err, delErr)
123 | }
124 | return err
125 | }
126 |
127 | return nil
128 | }
129 | }
130 |
--------------------------------------------------------------------------------
/test/resource_dns_settings_test.go:
--------------------------------------------------------------------------------
1 | package provider_test
2 |
3 | import (
4 | "testing"
5 |
6 | "github.com/hashicorp/terraform-plugin-testing/config"
7 | "github.com/hashicorp/terraform-plugin-testing/helper/resource"
8 | "github.com/hashicorp/terraform-plugin-testing/knownvalue"
9 | "github.com/hashicorp/terraform-plugin-testing/statecheck"
10 | "github.com/hashicorp/terraform-plugin-testing/tfjsonpath"
11 | )
12 |
13 | func TestAccDnsSettings(t *testing.T) {
14 | location := config.ObjectVariable(map[string]config.Variable{
15 | "system": config.ObjectVariable(map[string]config.Variable{}),
16 | })
17 |
18 | resource.Test(t, resource.TestCase{
19 | PreCheck: func() { testAccPreCheck(t) },
20 | ProtoV6ProviderFactories: testAccProviders,
21 | Steps: []resource.TestStep{
22 | {
23 | Config: dnsSettingsConfig1,
24 | ConfigVariables: map[string]config.Variable{
25 | "location": location,
26 | },
27 | ConfigStateChecks: []statecheck.StateCheck{
28 | statecheck.ExpectKnownValue(
29 | "panos_dns_settings.settings",
30 | tfjsonpath.New("fqdn_refresh_time"),
31 | knownvalue.Int64Exact(1800),
32 | ),
33 | statecheck.ExpectKnownValue(
34 | "panos_dns_settings.settings",
35 | tfjsonpath.New("dns_settings").AtMapKey("servers").AtMapKey("primary"),
36 | knownvalue.StringExact("172.16.0.1"),
37 | ),
38 | statecheck.ExpectKnownValue(
39 | "panos_dns_settings.settings",
40 | tfjsonpath.New("dns_settings").AtMapKey("servers").AtMapKey("secondary"),
41 | knownvalue.StringExact("172.16.0.2"),
42 | ),
43 | },
44 | },
45 | {
46 | Config: dnsSettingsConfig2,
47 | ConfigVariables: map[string]config.Variable{
48 | "location": location,
49 | },
50 | ConfigStateChecks: []statecheck.StateCheck{
51 | statecheck.ExpectKnownValue(
52 | "panos_dns_settings.settings",
53 | tfjsonpath.New("fqdn_refresh_time"),
54 | knownvalue.Int64Exact(3600),
55 | ),
56 | statecheck.ExpectKnownValue(
57 | "panos_dns_settings.settings",
58 | tfjsonpath.New("dns_settings").AtMapKey("servers").AtMapKey("primary"),
59 | knownvalue.StringExact("172.16.0.3"),
60 | ),
61 | },
62 | },
63 | {
64 | Config: dnsSettingsConfig3,
65 | ConfigVariables: map[string]config.Variable{
66 | "location": location,
67 | },
68 | ConfigStateChecks: []statecheck.StateCheck{
69 | statecheck.ExpectKnownValue(
70 | "panos_dns_settings.settings",
71 | tfjsonpath.New("fqdn_refresh_time"),
72 | knownvalue.Int64Exact(1800),
73 | ),
74 | statecheck.ExpectKnownValue(
75 | "panos_dns_settings.settings",
76 | tfjsonpath.New("dns_settings").AtMapKey("servers").AtMapKey("secondary"),
77 | knownvalue.StringExact("172.16.0.4"),
78 | ),
79 | },
80 | },
81 | },
82 | })
83 | }
84 |
85 | const dnsSettingsConfig1 = `
86 | variable "location" { type = map }
87 |
88 | resource "panos_dns_settings" "settings" {
89 | location = var.location
90 |
91 | dns_settings = {
92 | servers = {
93 | primary = "172.16.0.1"
94 | secondary = "172.16.0.2"
95 | }
96 | }
97 | }
98 | `
99 |
100 | const dnsSettingsConfig2 = `
101 | variable "location" { type = map }
102 |
103 | resource "panos_dns_settings" "settings" {
104 | location = var.location
105 |
106 | fqdn_refresh_time = 3600
107 | dns_settings = {
108 | servers = {
109 | primary = "172.16.0.3"
110 | }
111 | }
112 | }
113 | `
114 |
115 | const dnsSettingsConfig3 = `
116 | variable "location" { type = map }
117 |
118 | resource "panos_dns_settings" "settings" {
119 | location = var.location
120 |
121 | dns_settings = {
122 | servers = {
123 | secondary = "172.16.0.4"
124 | }
125 | }
126 | }
127 | `
128 |
--------------------------------------------------------------------------------
/test/resource_panorama_template_test.go:
--------------------------------------------------------------------------------
1 | package provider_test
2 |
3 | import (
4 | "context"
5 | "fmt"
6 | "testing"
7 |
8 | sdkErrors "github.com/PaloAltoNetworks/pango/errors"
9 | "github.com/PaloAltoNetworks/pango/panorama/template"
10 |
11 | "github.com/hashicorp/terraform-plugin-testing/config"
12 | "github.com/hashicorp/terraform-plugin-testing/helper/acctest"
13 | "github.com/hashicorp/terraform-plugin-testing/helper/resource"
14 | "github.com/hashicorp/terraform-plugin-testing/knownvalue"
15 | "github.com/hashicorp/terraform-plugin-testing/statecheck"
16 | "github.com/hashicorp/terraform-plugin-testing/terraform"
17 | "github.com/hashicorp/terraform-plugin-testing/tfjsonpath"
18 | )
19 |
20 | func TestAccPanosTemplate_RequiredInputs(t *testing.T) {
21 | t.Parallel()
22 |
23 | resourceName := "acc_test_template"
24 | nameSuffix := acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum)
25 | templateName := fmt.Sprintf("%s-%s", resourceName, nameSuffix)
26 |
27 | resource.Test(t, resource.TestCase{
28 | PreCheck: func() { testAccPreCheck(t) },
29 | ProtoV6ProviderFactories: testAccProviders,
30 | CheckDestroy: testAccCheckPanoramaTemplateDestroy(templateName),
31 | Steps: []resource.TestStep{
32 | {
33 | Config: makePanosTemplateConfig(resourceName),
34 | ConfigVariables: map[string]config.Variable{
35 | "template_name": config.StringVariable(templateName),
36 | },
37 | ConfigStateChecks: []statecheck.StateCheck{
38 | statecheck.ExpectKnownValue(
39 | "panos_template."+resourceName,
40 | tfjsonpath.New("name"),
41 | knownvalue.StringExact(templateName),
42 | ),
43 | },
44 | },
45 | },
46 | })
47 | }
48 |
49 | func makePanosTemplateConfig(label string) string {
50 | configTpl := `
51 | variable "template_name" { type = string }
52 |
53 | resource "panos_template" "%s" {
54 | name = var.template_name
55 |
56 | location = {
57 | panorama = {
58 | panorama_device = "localhost.localdomain"
59 | }
60 | }
61 | }
62 | `
63 | return fmt.Sprintf(configTpl, label)
64 | }
65 |
66 | func testAccCheckPanoramaTemplateDestroy(name string) func(s *terraform.State) error {
67 | return func(s *terraform.State) error {
68 | api := template.NewService(sdkClient)
69 | location := template.NewPanoramaLocation()
70 | ctx := context.TODO()
71 |
72 | reply, err := api.Read(ctx, *location, name, "show")
73 | if err != nil && !sdkErrors.IsObjectNotFound(err) {
74 | return fmt.Errorf("reading template entry via sdk: %v", err)
75 | }
76 |
77 | if reply != nil {
78 | if reply.EntryName() == name {
79 | return fmt.Errorf("template object still exists: %s", name)
80 | }
81 | }
82 |
83 | return nil
84 | }
85 | }
86 |
--------------------------------------------------------------------------------
/tools/tools.go:
--------------------------------------------------------------------------------
1 | // Format Terraform code for use in documentation.
2 | // If you do not have Terraform installed, you can remove the formatting command, but it is suggested
3 | // to ensure the documentation is formatted properly.
4 | //go:generate terraform fmt -recursive ../examples/
5 |
6 | // Generate documentation.
7 | //
8 | //go:generate go run github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs generate --provider-dir .. -provider-name panos
9 | package tools
10 |
--------------------------------------------------------------------------------