Skip to content

Home

PaloAltoNetworks

pan-scm-cli: Command-line interface for managing Palo Alto Networks Strata Cloud Manager configurations

Contributors Forks Stars Issues License

Documentation: https://cdot65.github.io/pan-scm-cli/

Source Code: https://github.com/cdot65/pan-scm-cli

pan-scm-cli is a command-line interface tool for managing Palo Alto Networks Strata Cloud Manager configurations.

Installation

Requirements:

  • Python 3.10 or higher
$ pip install pan-scm-cli
---> 100%
Successfully installed pan-scm-cli

Key Features

  • Intuitive CLI Structure: Standardized command structure for easy learning and usage
  • Resource Management: Create, update, and delete SCM objects using simple commands
  • Bulk Operations: Apply configurations from YAML files for efficient batch processing
  • Validated Input: Built-in validation ensures configurations are properly formatted
  • Consistent Output: Standardized output format for all operations
  • Error Handling: Clear error messages to help identify and resolve issues
  • Dry Run Mode: Preview changes before applying them to your environment

Quick Start

Setting up authentication:

# Create a context for your SCM tenant
$ scm context create my-tenant \
  --client-id "app@123456789.iam.panserviceaccount.com" \
  --client-secret "your-secret-key" \
  --tsg-id "123456789"
 Context 'my-tenant' created successfully
 Context 'my-tenant' set as current

# Test the connection
$ scm context test
Testing authentication for context: my-tenant
 Authentication successful!
  Client ID: app@123456789.iam.panserviceaccount.com
  TSG ID: 123456789
 API connectivity verified (found 25 address objects in Shared folder)

Example: Creating an Address Object

$ scm set object address \
    --folder Texas \
    --name webserver \
    --ip-netmask 192.168.1.100/32 \
    --description "Web server" \
    --tags ["server", "web"]
[INFO] Using authentication context: my-tenant
Created address: webserver in folder Texas

Example: Deleting an Address Object

$ scm delete object address --folder Texas --name webserver
---> 100%
Deleted address: webserver from folder Texas

Example: Loading Multiple Objects from YAML

$ scm load object address --file config/addresses.yml
---> 100%
Loading addresses from config/addresses.yml
Applied address: webserver in folder Texas
Applied address: database in folder Texas
Applied address: loadbalancer in folder Texas
Successfully applied 3 address objects

Command Structure

Commands in pan-scm-cli follow a consistent structure:

scm <action> <resource-type> <resource> [options]

Where:

  • <action>: The operation to perform (set, delete, load)
  • <resource-type>: The category of resource (objects, deployment, network, security)
  • <resource>: The specific resource type (address, address-group, zone, etc.)
  • [options]: Resource-specific parameters and global options

Getting Started

To begin using pan-scm-cli, check out the Getting Started Guide which covers installation, configuration, and basic usage examples.

For detailed information about each command, refer to the CLI Reference section.

Contributing

Contributions are welcome and greatly appreciated. Visit the Contributing page for guidelines on how to contribute.

License

This project is licensed under the Apache 2.0 License - see the License page for details.