PaloAltoNetworks / terraform-provider-panos

Terraform Panos provider
https://www.terraform.io/docs/providers/panos/
MIT License

panos_security_policy Supposedly deleted all security policies not defined in terraform which is not true for panorama #362

Closed gabriel-montiel-netdatanetworks closed 1 year ago

gabriel-montiel-netdatanetworks commented 1 year ago

Documentation link

https://registry.terraform.io/providers/PaloAltoNetworks/panos/latest/docs/resources/security_policy#panos_panorama_security_policy

Describe the problem

On the Terraform Palo Alto provider documentation it says the following: "Warning: This resource will remove any security rule not defined in this resource." <--- This is not true for Panorama, tested on 10.1.7

Suggested fix

Clarify if this is only for policies directly with Firewalls and not for Panorama Managed Security Policies

welcome-to-palo-alto-networks[bot] commented 1 year ago

:tada: Thanks for opening your first issue here! Welcome to the community!

shinmog commented 1 year ago

You're in the "changed functionality" zone of PAN-OS:

10.1.5 >= x > 10.2

Here's another issue about the same thing where this was investigated: #350

In the short term, upgrading to 10.2 (and staying on 10.2) will resolve this issue. The long term is still being figured out...