Prisma SASE - Create or Edit Security Policy Rule
This playbook handles the creation or editing of the Security Policy Rule for Prisma SASE integration.
Palo Alto Networks - Strata Cloud Manager · 12 tasks · 12 inputs · 25 outputs
Inputs
TSGID— Tenant services group ID. If not provided, the tsg_id integration parameter will be used as the default.Folder— The configuration folder group setting. The default value is 'Shared'.Action— Possible values: allow,deny,drop,reset-both,reset-client,reset-server.Position— Rule position. The default value is 'pre'.Source— A comma-separated list of source networks. The default value is 'any'.Destination— A comma-separated list of destination networks. The default value is 'any'.Service— Services the rule applies to. Default value is 'any'.Application— A comma-separated list of applications. Default value is 'any'.RuleName— The name of the security rule.AutoCommit— Possible values: True -> Will commit and push configuration. False -> Manual push will be required. Else --> Will ignore the push section and continue the playbook.Overwrite— Whether to overwrite the original rule values. The default value is 'false'.Category— A comma-separated list of categories. You can get category values by running the prisma-sase-custom-url-category-list command. Default value is 'any'.
Outputs
PrismaSase.CandidateConfig— Configuration job object.PrismaSase.CandidateConfig.job_id— Configuration job ID.PrismaSase.CandidateConfig.result— The configuration push result, e.g., OK, FAIL.PrismaSase.CandidateConfig.details— The configuration push details.PrismaSase— The root context key for Prisma SASE integration output.PrismaSase.SecurityRule— Found security rule.PrismaSase.SecurityRule.action— Security rule action.PrismaSase.SecurityRule.application— Security rule application.PrismaSase.SecurityRule.category— Security rule category.PrismaSase.SecurityRule.description— Security rule description.PrismaSase.SecurityRule.destination— Security rule destination.PrismaSase.SecurityRule.folder— Security rule folder.PrismaSase.SecurityRule.from— Security rule from field (source zone(s)).PrismaSase.SecurityRule.id— Security rule ID.PrismaSase.SecurityRule.log_setting— Security rule log setting.PrismaSase.SecurityRule.name— Security rule name.PrismaSase.SecurityRule.position— Security rule position.PrismaSase.SecurityRule.service— Security rule service.PrismaSase.SecurityRule.source— Security rule source.PrismaSase.SecurityRule.source_user— Security rule source user.PrismaSase.SecurityRule.tag— Security rule tag.PrismaSase.SecurityRule.to— Security rule to field (destination zone(s)).PrismaSase.SecurityRule.negate_destination— Security rule negate destination.PrismaSase.SecurityRule.profile_setting— The Security rule group object in the rule.PrismaSase.SecurityRule.profile_setting.group— Security rule group.
Commands used
prisma-sase-candidate-config-push
prisma-sase-security-rule-create
prisma-sase-security-rule-list
prisma-sase-security-rule-update