About panco
pancois written using the Go programming language- The underlying library behind it Palo Alto’s pango library, as well as a few custom API calls.
How It Works
When panco creates or modifies an object, it uses the “set” API action against
the device. When modifying existing rules, the panco policy edit command does use the “edit” API action. There are very important differences between
the two as described below.
Set and edit actions differ in two important ways:
- Set actions add, update, or merge configuration nodes, while edit actions replace configuration nodes.
- Set actions are non-destructive and are only additive, while edit actions can be destructive.
The last bullet point is important! Please use caution when running the edit command against policy. More information on this can be found on the edit command page.
For more infomation on these actions, please refer to the following guide from Palo Alto:
Actions for Modifying a Configuration
Contact Me
If you run into issues, or need assistance, please submit an issue on the main Github repository.