palo_alto/cloudngfw¶
Overview¶
This page documents the Terraform module implementation, key configuration surfaces, and how it integrates with CAF.
Dependency diagram (Mermaid)¶
graph TD
azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.palo_alto_ngfw_vnet_local_rulestack["azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.palo_alto_ngfw_vnet_local_rulestack"]
azurerm_palo_alto_next_generation_firewall_virtual_network_panorama.palo_alto_ngfw_vnet_panorama["azurerm_palo_alto_next_generation_firewall_virtual_network_panorama.palo_alto_ngfw_vnet_panorama"]
azurerm_palo_alto_virtual_network_appliance.palo_alto_virtual_network_appliance["azurerm_palo_alto_virtual_network_appliance.palo_alto_virtual_network_appliance"]
module.diagnostics["module.diagnostics"]
module.local_rulestack["module.local_rulestack"]
azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.palo_alto_ngfw_vnet_local_rulestack --> module.local_rulestack
Module Reference¶
Category: palo_alto
Path: modules/palo_alto/cloudngfw
Azure Resources: azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack, azurerm_palo_alto_next_generation_firewall_virtual_network_panorama, azurerm_palo_alto_virtual_network_appliance
Inputs¶
| Name | Description | Type | Required | Default | Validation |
|---|---|---|---|---|---|
global_settings |
The global_settings object is a map of settings that can be used to configure the naming convention for Azure resourc... | any |
yes | - |
- |
client_config |
Client configuration object primarily used for specifying the Azure client context in non-interactive environments, s... | any |
yes | - |
- |
location |
(Optional) Specifies the supported Azure location where to create the resource. If not provided, the resource group's... | string |
no | - |
- |
settings |
Settings of the module: Top-level properties are for azurerm_palo_alto_next_generation_firewall_virtual_network_local... | any |
yes | - |
- |
resource_group |
Resource group object where the NGFW and its Rulestack will be deployed. | any |
yes | - |
- |
base_tags |
Flag to determine if tags should be inherited from global settings and resource group. | bool |
no | true |
- |
remote_objects |
Remote objects for dependencies like diagnostics, managed identities etc. | any |
no | {} |
- |
Outputs¶
| Name | Description | Sensitive | Value |
|---|---|---|---|
palo_alto_virtual_network_appliance_id |
The identifier of the created Palo Alto Virtual Network Appliance. | - | length(azurerm_palo_alto_virtual_network_appliance.palo_alto_virtual_network_appliance) > 0 ? azurerm_palo_alto_virtual_network_appliance.palo_alto_virtual_network_appliance[0].id : null |
palo_alto_next_generation_firewall_virtual_network_local_rulestack |
The ID of the Palo Alto Next Generation Firewall (Virtual Network Local Rulestack). | - | length(azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.palo_alto_ngfw_vnet_local_rulestack) > 0 ? azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.palo_alto_ngfw_vnet_local_rulestack[0].id : null |
palo_alto_next_generation_firewall_virtual_network_panorama_id |
The ID of the Palo Alto Next Generation Firewall (Virtual Network Panorama). | - | length(azurerm_palo_alto_next_generation_firewall_virtual_network_panorama.palo_alto_ngfw_vnet_panorama) > 0 ? azurerm_palo_alto_next_generation_firewall_virtual_network_panorama.palo_alto_ngfw_vnet_panorama[0].id : null |
local_rulestack_id |
The ID of the associated Local Rulestack created and managed by the sub-module. | - | length(module.local_rulestack) > 0 ? module.local_rulestack[0].id : null |
local_rulestack_name |
The name of the associated Local Rulestack. | - | length(module.local_rulestack) > 0 ? module.local_rulestack[0].name : null |
local_rulestack_rules |
Details of the rules created in the local rulestack. | - | length(module.local_rulestack) > 0 ? module.local_rulestack[0].rules_output : null |
Sources¶
modules/palo_alto/cloudngfw/cloudngfw.tfmodules/palo_alto/cloudngfw/diagnostics.tfmodules/palo_alto/cloudngfw/local_diagnostics.tfmodules/palo_alto/cloudngfw/locals.tfmodules/palo_alto/cloudngfw/main.tfmodules/palo_alto/cloudngfw/managed_identities.tfmodules/palo_alto/cloudngfw/outputs.tfmodules/palo_alto/cloudngfw/providers.tfmodules/palo_alto/cloudngfw/variables.tf