This is a very basic example showing how to 'set' a templatized portion of the configuration. The user will be prompted two input values. Each one will be interpolated into the 'element' and 'set' into the NGFW configuration.
name: mySkillet
label: Sets the Login Banner
description: |
Simple Skillet to demonstrate how to use the 'set' command type for panos skillets
type: panos
labels:
collection:
- Example Skillets
variables:
- name: hostname
description: Firewall hostname
default: next-gen-firewall-01
type_hint: text
- name: firewall_env
description: Firewall Environment
default: develop
type_hint: dropdown
dd_list:
- key: Develop
value: Develop
- key: Production
value: Production
snippets:
- name: login-banner-226180
cmd: set
xpath: /config/devices/entry[@name="localhost.localdomain"]/deviceconfig/system
element: |-
<login-banner> Be Aware {{ hostname }} is in {{ firewall_env }}. </login-banner>
PAN-OS Skillets that load smaller bits of XML configuration into the device, can contain those elements 'inline' using the 'element' attribute. Larger chunks of XML can also be stored separately on the filesystem using the 'file' attribute. The value of the 'file' attribute should be a relative path to the file to read and load. In both cases, jinja variable interpolation is done before being sent to the NGFW.
The 'snippets' section contains all the skillet type specific configuration. Here are the details of each attribute for 'panos' type skillets:
- name - name of this snippet. Useful for debugging and determining which snippets were executed successfully.
- cmd - the command to execute. Valid options are
- op - performs an xml encoded op command
- Requires the 'cmd_str' attribute
- set - performs a 'set'
- Requires 'xpath' and either 'file' or 'element' attributes
- edit - performs an 'edit'
- Requires 'xpath' and either 'file' or 'element' attributes
- override - performs an 'override'
- Requires 'xpath' and either 'file' or 'element' attributes
- move - performs a 'move'
- Requires the 'where' attribute
- rename - performs a 'rename'
- Requires the 'new_name' attribute
- clone - performs a 'clone'
- Requires the 'new_name' and 'xpath_from' attribute
- delete - performs a 'delete'
- Requires the 'xpath' attribute
- show - performs a 'show'
- Requires the 'xpath' attribute
- get - performs a 'get'
- Requires the 'xpath' attribute
- cli - performs 'cli' command. ex: show system info
- Requires the 'cmd_str' attribute
- validate - performs a validate
- Requires the 'test' attribute
- validate_xml - validates an xml path with a loaded xml snippet
- Requires 'xpath' and either 'file' or 'element' attributes
- parse - parses a variable using output capturing
- Requires 'variable' and 'outputs' attributes