This Terraform module creates tags in a Palo Alto FW. Using this module in automation with Consul Terraform Sync (CTS) will dynamically create or delete tags based off of configured services. This module is useful for testing CTS to observe how changes in service instances play out in a Palo Alto instance.
The module uses the panos Terraform provider to create tags. The tags are named after the monitored Consul service instances.
| Ecosystem | Version |
|---|---|
| consul | >= 1.7 |
| consul-terraform-sync | >= 0.1.0 |
| terraform | >= 0.13 |
| Name | Version |
|---|---|
| panos | >= 1.8.0 |
This module expects that the user has already setup a PANOS firewall with a username and password / token.
User Config for Consul Terraform Sync
See Securely Configure Terraform Providers for alternatives to directly inserting token in config file.
example.hcl
task {
name = "task_d"
services = ["api"]
providers = ["panos"]
version = "0.0.1"
source = "lornasong/panos_tag/cts"
}
terraform_provider "panos" {
hostname = "ZZ.ZZ.ZZ.ZZ"
username = "YYYY"
api_key = "XXXX"
}