palo_alto/cloudngfw¶
Overview¶
This page documents the Terraform module implementation, key configuration surfaces, and how it integrates with CAF.
Dependency diagram (Mermaid)¶
graph TD
azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.palo_alto_ngfw_vnet_local_rulestack["azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.palo_alto_ngfw_vnet_local_rulestack"]
azurerm_palo_alto_next_generation_firewall_virtual_network_panorama.palo_alto_ngfw_vnet_panorama["azurerm_palo_alto_next_generation_firewall_virtual_network_panorama.palo_alto_ngfw_vnet_panorama"]
azurerm_palo_alto_virtual_network_appliance.palo_alto_virtual_network_appliance["azurerm_palo_alto_virtual_network_appliance.palo_alto_virtual_network_appliance"]
module.diagnostics["module.diagnostics"]
module.local_rulestack["module.local_rulestack"]
remote:diagnostics["remote:diagnostics"]
azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.palo_alto_ngfw_vnet_local_rulestack --> module.local_rulestack
module.diagnostics --> remote:diagnostics
Module Reference¶
Category: palo_alto
Path: modules/palo_alto/cloudngfw
Azure Resources: azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack, azurerm_palo_alto_next_generation_firewall_virtual_network_panorama, azurerm_palo_alto_virtual_network_appliance
Inputs¶
| Name | Description | Type | Required | Default | Validation |
|---|---|---|---|---|---|
"global_settings" |
"<<DESCRIPTION The global_settings object is a map of settings that can be used to configure the naming convention fo... | any |
yes | - |
- |
"client_config" |
"<<DESCRIPTION Client configuration object primarily used for specifying the Azure client context in non-interactive ... | any |
yes | - |
- |
"location" |
"(Optional) Specifies the supported Azure location where to create the resource. If not provided, the resource group'... | string |
no | - |
- |
"settings" |
"<<DESCRIPTION Settings of the module: Top-level properties are for azurerm_palo_alto_next_generation_firewall_virtua... | any |
yes | - |
- |
"resource_group" |
"Resource group object where the NGFW and its Rulestack will be deployed." | any |
yes | - |
- |
"base_tags" |
"Flag to determine if tags should be inherited from global settings and resource group." | bool |
no | true |
- |
"remote_objects" |
"Remote objects for dependencies like diagnostics, managed identities etc." | any |
no | {} |
- |
Outputs¶
| Name | Description | Sensitive | Value |
|---|---|---|---|
"palo_alto_virtual_network_appliance_id" |
"The identifier of the created Palo Alto Virtual Network Appliance." | - | length(azurerm_palo_alto_virtual_network_appliance.palo_alto_virtual_network_appliance) > 0 ? azurerm_palo_alto_virtual_network_appliance.palo_alto_virtual_network_appliance[0].id : null |
"palo_alto_next_generation_firewall_virtual_network_local_rulestack" |
"The ID of the Palo Alto Next Generation Firewall (Virtual Network Local Rulestack)." | - | length(azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.palo_alto_ngfw_vnet_local_rulestack) > 0 ? azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack.palo_alto_ngfw_vnet_local_rulestack[0].id : null |
"palo_alto_next_generation_firewall_virtual_network_panorama_id" |
"The ID of the Palo Alto Next Generation Firewall (Virtual Network Panorama)." | - | length(azurerm_palo_alto_next_generation_firewall_virtual_network_panorama.palo_alto_ngfw_vnet_panorama) > 0 ? azurerm_palo_alto_next_generation_firewall_virtual_network_panorama.palo_alto_ngfw_vnet_panorama[0].id : null |
"local_rulestack_id" |
"The ID of the associated Local Rulestack created and managed by the sub-module." | - | length(module.local_rulestack) > 0 ? module.local_rulestack[0].id : null |
"local_rulestack_name" |
"The name of the associated Local Rulestack." | - | length(module.local_rulestack) > 0 ? module.local_rulestack[0].name : null |
"local_rulestack_rules" |
"Details of the rules created in the local rulestack." | - | length(module.local_rulestack) > 0 ? module.local_rulestack[0].rules_output : null |
Sources¶
modules/palo_alto/cloudngfw/cloudngfw.tfmodules/palo_alto/cloudngfw/diagnostics.tfmodules/palo_alto/cloudngfw/local_diagnostics.tfmodules/palo_alto/cloudngfw/locals.tfmodules/palo_alto/cloudngfw/main.tfmodules/palo_alto/cloudngfw/managed_identities.tfmodules/palo_alto/cloudngfw/outputs.tfmodules/palo_alto/cloudngfw/providers.tfmodules/palo_alto/cloudngfw/variables.tf