Service Configuration Object
The Service class provides functionality to manage service objects in Palo Alto Networks' Strata Cloud Manager.
Services
define network protocols and ports that can be referenced in security policies and NAT rules.
Overview
Services in Strata Cloud Manager allow you to:
- Define TCP and UDP services with specific ports
- Configure protocol timeout overrides
- Organize services within folders, snippets, or devices
- Apply tags for better organization
- Reference services in security policies and other configurations
Methods
| Method | Description |
|---|---|
create() |
Creates a new service |
get() |
Retrieves a service by ID |
update() |
Updates an existing service |
delete() |
Deletes a service |
list() |
Lists services with optional filtering |
fetch() |
Retrieves a single service by name |
Creating Services
The create() method allows you to define new services. You must specify exactly one protocol type (TCP or UDP) and one
container type (folder, snippet, or device).
Example: Creating a TCP Service
tcp_service = {
"name": "web-service",
"protocol": {
"tcp": {
"port": "80,443",
"override": {
"timeout": 60,
"halfclose_timeout": 30
}
}
},
"description": "Web service for HTTP/HTTPS",
"folder": "Texas",
"tag": ["Automation"]
}
new_service = services.create(tcp_service)
print(f"Created service: {new_service.name}")
"name": "web-service",
"protocol": {
"tcp": {
"port": "80,443",
"override": {
"timeout": 60,
"halfclose_timeout": 30
}
}
},
"description": "Web service for HTTP/HTTPS",
"folder": "Texas",
"tag": ["Automation"]
}
new_service = services.create(tcp_service)
print(f"Created service: {new_service.name}")
Example: Creating a UDP Service
udp_service = {
"name": "dns-service",
"protocol": {
"udp": {
"port": "53"
}
},
"description": "DNS service",
"folder": "Texas"
}
new_service = services.create(udp_service)
print(f"Created service: {new_service.name}")
"name": "dns-service",
"protocol": {
"udp": {
"port": "53"
}
},
"description": "DNS service",
"folder": "Texas"
}
new_service = services.create(udp_service)
print(f"Created service: {new_service.name}")
Getting Services
Use the get() method to retrieve a service by its ID.
service_id = "123e4567-e89b-12d3-a456-426655440000"
service_obj = service.get(service_id)
print(f"Service: {service_obj.name}")
print(f"Protocol: {'TCP' if 'tcp' in service_obj.protocol else 'UDP'}")
service_obj = service.get(service_id)
print(f"Service: {service_obj.name}")
print(f"Protocol: {'TCP' if 'tcp' in service_obj.protocol else 'UDP'}")
Updating Services
The update() method allows you to modify existing services.
service_object = services.fetch(folder='Texas', name='dns-service')
service_object['description'] = 'updated description'
updated_service = services.update(service_object)
print(f"Updated service: {updated_service.name}")
service_object['description'] = 'updated description'
updated_service = services.update(service_object)
print(f"Updated service: {updated_service.name}")
Deleting Services
Use the delete() method to remove a service.
service_id = "123e4567-e89b-12d3-a456-426655440000"
services.delete(service_id)
print("Service deleted successfully")
services.delete(service_id)
print("Service deleted successfully")
Listing Services
The list() method retrieves multiple services with optional filtering. You can filter the results using the
following kwargs:
protocol: List[str] - Filter by protocol type (e.g., ['tcp', 'udp'])tag: List[str] - Filter by tags (e.g., ['Automation', 'Production'])
# List all services in a folderservices = services.list(folder="Texas")
# List only TCP servicestcp_services = services.list(
folder="Texas",
protocol=['tcp']
)
# List services with specific tagstagged_services = services.list(
folder="Texas",
tag=['Automation']
)
# Combine multiple filtersfiltered_services = services.list(
folder="Texas",
protocol=['tcp'],
tag=['Production']
)
# Print the resultsfor svc in services:
print(f"Name: {svc.name}")
if svc.protocol.tcp:
print(f"TCP Ports: {svc.protocol.tcp.port}")
elif svc.protocol.udp:
print(f"UDP Ports: {svc.protocol.udp.port}")
# List only TCP servicestcp_services = services.list(
folder="Texas",
protocol=['tcp']
)
# List services with specific tagstagged_services = services.list(
folder="Texas",
tag=['Automation']
)
# Combine multiple filtersfiltered_services = services.list(
folder="Texas",
protocol=['tcp'],
tag=['Production']
)
# Print the resultsfor svc in services:
print(f"Name: {svc.name}")
if svc.protocol.tcp:
print(f"TCP Ports: {svc.protocol.tcp.port}")
elif svc.protocol.udp:
print(f"UDP Ports: {svc.protocol.udp.port}")
Fetching Services
The fetch() method retrieves a single service by name from a specific container.
service_obj = services.fetch(name="web-service", folder="Texas")
print(f"Found service: {service_obj['name']}")
print(f"Current ports: {service_obj['protocol']['tcp']['port']}")
print(f"Found service: {service_obj['name']}")
print(f"Current ports: {service_obj['protocol']['tcp']['port']}")
Full Workflow Example
Here's a complete example demonstrating the full lifecycle of a service:
from scm.client import Scm
from scm.config.objects import Service
# Initialize clientclient = Scm(
client_id="your_client_id",
client_secret="your_client_secret",
tsg_id="your_tsg_id"
)
# Initialize service objectservices = Service(client)
# Create new servicecreate_data = {
"name": "test-service",
"protocol": {
"tcp": {
"port": "8080",
"override": {
"timeout": 30
}
}
},
"description": "Test service",
"folder": "Texas"
}
new_service = services.create(create_data)
print(f"Created service: {new_service.name}")
# Fetch the service by namefetched_service = services.fetch(
name="test-service",
folder="Texas"
)
# Modify the fetched servicefetched_service["description"] = "Updated test service"
fetched_service["protocol"]["tcp"]["port"] = "8080,8443"
# Update using the modified objectupdated_service = services.update(fetched_service)
print(f"Updated service: {updated_service.name}")
print(f"New ports: {updated_service.protocol.tcp.port}")
# List all servicesservices = services.list(folder="Texas")
for svc in services:
print(f"Listed service: {svc.name}")
# Clean upservices.delete(new_service.id)
print("Service deleted successfully")
from scm.config.objects import Service
# Initialize clientclient = Scm(
client_id="your_client_id",
client_secret="your_client_secret",
tsg_id="your_tsg_id"
)
# Initialize service objectservices = Service(client)
# Create new servicecreate_data = {
"name": "test-service",
"protocol": {
"tcp": {
"port": "8080",
"override": {
"timeout": 30
}
}
},
"description": "Test service",
"folder": "Texas"
}
new_service = services.create(create_data)
print(f"Created service: {new_service.name}")
# Fetch the service by namefetched_service = services.fetch(
name="test-service",
folder="Texas"
)
# Modify the fetched servicefetched_service["description"] = "Updated test service"
fetched_service["protocol"]["tcp"]["port"] = "8080,8443"
# Update using the modified objectupdated_service = services.update(fetched_service)
print(f"Updated service: {updated_service.name}")
print(f"New ports: {updated_service.protocol.tcp.port}")
# List all servicesservices = services.list(folder="Texas")
for svc in services:
print(f"Listed service: {svc.name}")
# Clean upservices.delete(new_service.id)
print("Service deleted successfully")