Application Group Configuration Object
The ApplicationGroup class provides functionality to manage application groups in Palo Alto Networks' Strata Cloud
Manager.
Application groups allow you to organize and manage collections of applications for use in security policies and other
configurations.
Overview
Application groups in Strata Cloud Manager allow you to:
- Group multiple applications together for easier management
- Create static groups with explicit lists of applications
- Organize application groups within folders, snippets, or devices
- Reference groups in security policies and other configurations
- Fetch and manage groups by name or ID
Methods
| Method | Description |
|---|---|
create() |
Creates a new application group |
get() |
Retrieves an application group by ID |
update() |
Updates an existing application group |
delete() |
Deletes an application group |
list() |
Lists application groups with optional filtering |
fetch() |
Retrieves a single application group by name |
Creating Application Groups
The create() method allows you to create new application groups. You must specify a name, members list, and exactly
one
container type (folder, snippet, or device).
Example: Creating an Application Group
"name": "web-apps",
"members": ["ssl", "web-browsing"],
"folder": "Texas",
}
new_group = application_groups.create(group_data)
print(f"Created group: {new_group.name}")
Getting Application Groups
Use the get() method to retrieve an application group by its ID.
group = application_groups.get(group_id)
print(f"Group Name: {group.name}")
print(f"Members: {group.members}")
Updating Application Groups
The update() method allows you to modify existing application groups.
web_apps['members'] = ['ssl', 'web-browsing', 'dns-base']
updated_group = application_groups.update(web_apps)
print(f"Updated group: {updated_group.name}")
Deleting Application Groups
Use the delete() method to remove an application group.
application_groups.delete(group_id)
print("Group deleted successfully")
Listing Application Groups
The list() method retrieves multiple application groups with optional filtering. You can filter the results using the
following kwargs:
members: List[str] - Filter by member applications (e.g., ['ssl', 'web-browsing'])
# List groups containing specific membersssl_groups = application_groups.list(
folder="Texas",
members=['ssl']
)
# List groups with multiple member matchesweb_groups = application_groups.list(
folder="Texas",
members=['ssl', 'web-browsing']
)
# Print the resultsfor group in groups:
print(f"Name: {group.name}, Members: {group.members}")
Fetching Application Groups
The fetch() method retrieves a single application group by name from a specific container.
name="web-apps",
folder="Texas"
)
print(f"Found group: {group['name']}")
print(f"Current members: {group['members']}")
Full Workflow Example
Here's a complete example demonstrating the full lifecycle of an application group:
from scm.config.objects import ApplicationGroup
# Initialize clientclient = Scm(
client_id="your_client_id",
client_secret="your_client_secret",
tsg_id="your_tsg_id"
)
# Initialize application group objectapplication_groups = ApplicationGroup(client)
# Create new groupgroup_data = {
"name": "web-apps",
"members": ["ssl", "web-browsing"],
"folder": "Texas",
}
new_group = application_groups.create(group_data)
print(f"Created group: {new_group.name}")
# Fetch the group by namefetched_group = application_groups.fetch(
name="web-apps",
folder="Texas"
)
# Modify the fetched groupfetched_group["members"] = ['ssl', 'web-browsing', 'dns-base']
# Update using the modified objectupdated_group = application_groups.update(fetched_group)
print(f"Updated group: {updated_group.name}")
print(f"New members: {updated_group.members}")
# List all groupsgroups = application_groups.list(folder="Texas")
for group in groups:
print(f"Listed group: {group.name}")
# Clean upapplication_groups.delete(new_group.id)
print("Group deleted successfully")