.png?sv=2022-11-02&ss=b&srt=o&spr=https&st=2024-05-20T13%3A03%3A04Z&se=2024-05-20T13%3A13%3A04Z&sp=r&sig=CRhMIU4aWacavRI0JPtTsR42jM4CPl4oK%2FA68vMY24U%3D){kind=logo}
Security Rule Creation (Panorama) - Workflow
- 25 Jan 2024
-
DarkLight
-
PDF
Security Rule Creation (Panorama) - Workflow
- Updated on 25 Jan 2024
-
DarkLight
-
PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
Let’s move into the Create Security Rule - Panorama use case. We will begin by reviewing the Itential Pre-Builts that we are using for today’s Workshop.
- Create Security Pre Rule - Panorama
- Create Security Post Rule - Panorama
- Commit - Panorama
These Itential Pre-Builts are an excellent example of modular automations. They can be incorporated as steps in a larger automation very easily. We will incorporate these modular automations through the use of child jobs. A child job is a workflow nested within another workflow, allowing for the same workflows to be referenced in multiple automations. Rather than recreating the same workflow multiple times, we are reusing the same asset so that only one workflow needs to be maintained going forward.
Workflow Video (Part 1)
Step 1
From the Itential Automation Platform dashboard, click Automation Studio in the left navigation panel.
Click Workflows on the left to expand.
Step 2
Click the Create Security Rule - Panorama group and then click the Create Security Pre Rule - Panorama workflow.
Step 3
The Create Security Pre Rule - Panorama Pre-Built workflow utilizes the Itential Panorama Adapter. There are three main tasks: getSecurityPreRules, createSecurityPreRules, and getSecurityPreRules. Those tasks address the Pre-Check, Provisioning, and Post-Check steps for Panorama Pre Rules.
Step 4
Similar to the Pre Rule, the Create Security Post Rule - Panorama Pre-Built workflow utilizes the Itential Panorama Adapter. There are three main tasks: getSecurityPostRules, createSecurityPostRules, and getSecurityPostRules. Those tasks address the Pre-Check, Provisioning, and Post-Check steps for Panorama Post Rules.
Step 5
The Commit - Panorama Pre-Built workflow utilizes the Itential Panorama Adapter to process the commit task in the Panorama controller. This will save the changes to Panorama's database.
Workflow Video (Part 2)
Step 6
From the Automation Studio dashboard, click the + at the top of the left navigation panel.
Step 7
Select Workflow from the dropdown list. Name it Lab - Create Security Rule - Panorama - XX and click CREATE. (XX represents your initials)
Step 8
A fresh workflow canvas opens. In this use case we would like to build our workflow horizontally, so we click and drag the termination tasks so that they are aligned horizontally on our canvas.
Step 9
Add the Transformation task by entering Transformation into the Search box of the Task pallet. The Transformation task appears. Click and drag the Transformation task to add it to the right of the Start task.
Step 10
Next, you need to add an evaluation task. Evaluation tasks are used to evaluate the output of a previous task for specific criteria and define which path the automation should take based on the data.
Enter evaluation in the search box. Add two evaluation tasks to the canvas.
Step 11
Add a pair of Child Job tasks by entering childjob in the search box. Align the first Child Job task horizontally with the top Evaluation task, and the second Child Job task horizontally with the bottom Evaluation task.
Step 12
Next, you will need to add one more childJob task. Place this task to the right of the previous child job tasks and align it with the END terminator.
Step 13
The next step is to add transitions which will connect the tasks together to form the workflow.
This is done by first clicking the task you want to transition from, which will highlight the task with a dashed border. Click within the dashed border and begin dragging the transitions toward the destination task. When the transition snaps to the destination task, release the mouse button.
Note: The default transition is a (S) Success transition. If you would like to add an (E) Error or a (F) Failure transition, press and hold the E or the F key on your keyboard as you are adding a transition.
Step 14
Repeat this process to add the remaining transitions, connecting the Transformation task to each of the Evaluation tasks. The Evaluation Tasks to the corresponding Child Job tasks, and the first two Child Job tasks to the final Child Job task. Connect the final Child Job task to the End task.
Workflow Video (Part 3)
Step 15
Now that the tasks have been added to our canvas, and connected with transitions, we will begin configuring each task, starting with the Transformation task. Double-click the Transformation task to configure it.
Step 16
Type Panorama in the Transformation Name field and select the Transformation Lab - Create Panorama Security Rule JST. The purpose of the Transformation is to extract the individual values submitted in the form.
By changing the Variable Source for formData of the Incoming Schema from static to job, we are configuring the Transformation task to source the data from the form inputs submitted to the workflow, rather than static inputs. Ensure formData appears in the Job Variable field and click Save.
Close the Transformation task.
Step 17
Double click the top evaluation task to configure it. Enter Create Pre Rule? for both the summary.
Step 18
We need to add an Evaluation Group. Click + Add Evaluation Group. A new Evaluation Group appears.
Step 19
We need to add criteria to our Evaluation Group. Click +Add Evaluation. The evaluation criteria appears
Step 20
Change the Operand A Source from Static to Task. The task will default to the Lab-Create Panorama Security Rule JST from the Transformation task, so we will not need to make any changes to this value. Change the Task Variable from ruleLocation to policyType.
Step 21
Use the dropdown to set the Operator between the operand values to equals.
Step 22
We will keep Static as the Operand B Source and enter Security Pre Rule for the value.
Close the Evaluation task.
Step 23
We will do a similar exercise for Security Post Rules. Double click the bottom evaluation task to configure it. Enter Create Post Rule? for the summary.
Step 24
Click + Add Evaluation Group, and then +Add Evaluation.
Step 25
Change the Operand A Source from Static to Task. The task will again default to the Lab-Create Panorama Security Rule JST from the Transformation task. Change the Task Variable from ruleLocation to policyType.
Step 26
Use the dropdown to set the Operator between the operand values to equals.
Step 27
We will again keep Static as the Operand B Source and enter Security Post Rule for the value.
Close the Evaluation task.
Workflow Video (Part 4)
Step 28
Double-click the top Child Job task to configure it. Navigate to the Details tab and enter Create Security Pre Rule for the Summary and Pre Rule Itential Pre-Built for the Description.
Step 29
Returning to the Data tab, you will need to find the workflow that will be used by the Child Job task. To filter the list, enter Pre and then press enter. Select Create Security Pre Rule - Panorama.
Step 30
For each Job Variable of the Child Job task, use the dropdown to select Lab - Create Panorama Security Rule JST.
For the name variable, use the Task Variable dropdown to set the value to Name.
Step 31
For each Job Variable, use the dropdown to select Lab - Create Panorama Security Rule JST and then set each Task Variable to the value shown in the table. When you are finished, close the Child Job task.
| Variable | Value |
|---|---|
| name | name |
| description | description |
| ruleLocation | ruleLocation |
| ruleType | ruleType |
| schedule | schedule |
| logStart | logStart |
| logEnd | logEnd |
| fromMembers | from |
| toMembers | to |
| sourceMembers | source |
| destinationMember | destination |
| action | action |
Step 32
Double-click the bottom child job task to configure it. Navigate to the Details tab and enter Create Security Post Rule for the Summary and Post Rule Itential Pre-Built for the Description.
Step 33
Returning to the Data tab, you will need to find the workflow that will be used by the Child Job task. To filter the list, enter Post and then press enter. Select Create Security Post Rule - Panorama.
Step 34
For each Job Variable of the Child Job task, use the dropdown to select Lab - Create Panorama Security Rule JST. Set each Task Variable to the value shown in the table. When you are finished close the Child Job task.
| Variable | Value |
|---|---|
| name | name |
| description | description |
| ruleLocation | ruleLocation |
| ruleType | ruleType |
| schedule | schedule |
| logStart | logStart |
| logEnd | logEnd |
| fromMembers | from |
| toMembers | to |
| sourceMembers | source |
| destinationMembers | destination |
| action | action |
Step 35
Double-click the last Child Job task to configure it. On the Details tab, enter Commit for the Summary and Commit Itential Pre-Built for the Description.
Step 36
Return to the Data tab to locate the workflow the Child Job task will use. Enter Commit and press enter, then select Commit-Panorama.
There are no Job Variables to configure for this workflow, so we will close the Child Job task.
Step 37
Click the Save Icon, followed by the ▶ Icon.
Step 38
The Set Variables window opens, showing the variables the workflow requires to run. This workflow expects to receive one variable, formData, which will be passed in from Operations Manager, which will be covered in the next module.
The START button will run the workflow, but we are only testing it to confirm the inputs. Your view should match the image below.
Click the CANCEL button.
Was this article helpful?
