Palo Alto Networks

Cloud NGFW API

REST APIs for managing Palo Alto Networks Cloud NGFW, a cloud-native managed firewall service available on AWS and Azure. The API supports creating and managing firewall resources, configuring security rules and rule stacks, managing FQDN lists and prefix lists, and retrieving firewall logs. On AWS, authentication uses IAM roles; on Azure, authentication uses Azure Active Directory.

Documentation GitHub OpenAPI

Documentation

https://pan.dev/cloudngfw/aws/api/

https://pan.dev/cloudngfw/docs/getstarted_azure/

Specifications

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/openapi/palo-alto-cloud-ngfw-api-openapi-original.yml

Examples

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-firewall-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-firewall-request-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-firewall-summary-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-fqdn-list-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-fqdn-list-request-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-fqdn-list-summary-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-prefix-list-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-prefix-list-request-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-prefix-list-summary-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-response-status-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-rule-destination-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-rule-source-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-rule-stack-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-rule-stack-request-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-rule-stack-summary-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-security-rule-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-security-rule-request-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cloud-ngfw-api-security-rule-summary-example.json

Schemas & Data

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-firewall-request-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-firewall-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-firewall-summary-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-fqdn-list-request-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-fqdn-list-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-fqdn-list-summary-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-prefix-list-request-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-prefix-list-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-prefix-list-summary-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-response-status-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-rule-destination-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-rule-source-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-rule-stack-request-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-rule-stack-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-rule-stack-summary-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-security-rule-request-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-security-rule-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-security-rule-summary-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-firewall-request-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-firewall-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-firewall-summary-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-fqdn-list-request-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-fqdn-list-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-fqdn-list-summary-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-prefix-list-request-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-prefix-list-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-prefix-list-summary-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-response-status-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-rule-destination-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-rule-source-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-rule-stack-request-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-rule-stack-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-rule-stack-summary-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-security-rule-request-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-security-rule-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cloud-ngfw-api-security-rule-summary-structure.json

Other Resources

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-ld/palo-alto-cloud-ngfw-api-context.jsonld

OpenAPI Specification

openapi: 3.1.0
info:
  title: Palo Alto Networks Cloud NGFW for AWS REST API
  description: >-
    REST API for managing Palo Alto Networks Cloud Next-Generation Firewall
    (Cloud NGFW) deployments on Amazon Web Services. Provides programmatic
    access to create and manage rule stacks, security rules, FQDN lists,
    prefix lists, and Cloud NGFW firewall instances. Authentication uses AWS
    IAM Signature Version 4 (SigV4) request signing with an IAM role or user
    that has been granted the appropriate Cloud NGFW IAM permissions. Rule
    stack changes are staged in candidate configuration and must be explicitly
    committed to take effect.
  version: '1.0'
  contact:
    name: Palo Alto Networks Developer Support
    url: https://pan.dev/cloudngfw/aws/
  license:
    name: Proprietary
    url: https://www.paloaltonetworks.com/legal
servers:
- url: https://api.{region}.aws.cloudngfw.paloaltonetworks.com/v1
  description: Cloud NGFW for AWS regional API endpoint.
  variables:
    region:
      description: >-
        AWS region where Cloud NGFW is deployed (e.g., us-east-1,
        us-west-2, eu-west-1).
      default: us-east-1
security:
- awsSigV4: []
tags:
- name: Firewalls
  description: Cloud NGFW firewall instance management.
- name: FQDNLists
  description: FQDN list management for use in security rule destination criteria.
- name: PrefixLists
  description: IP prefix list management for use in security rule source and destination criteria.
- name: RuleStacks
  description: Rule stack management. Rule stacks contain the security policy applied to Cloud NGFW instances.
- name: SecurityRules
  description: Security rules within rule stacks.
paths:
  /config/rulestacks:
    get:
      operationId: listRuleStacks
      summary: Palo Alto Networks List Rule Stacks
      description: >-
        Returns a paginated list of all rule stacks in the account. Rule stacks
        contain security rules, FQDN lists, prefix lists, and security profiles
        that define the firewall policy applied to Cloud NGFW instances.
      tags:
      - RuleStacks
      parameters:
      - name: maxresults
        in: query
        description: Maximum number of rule stacks to return per page.
        schema:
          type: integer
          default: 100
          maximum: 1000
        example: 100
      - name: nexttoken
        in: query
        description: Pagination token from a previous response.
        schema:
          type: string
        example: example-nexttoken
      - name: scope
        in: query
        description: Scope filter for rule stacks.
        schema:
          type: string
          enum:
          - Local
          - Global
        example: Global
      responses:
        '200':
          description: Rule stacks returned successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  Response:
                    type: object
                    properties:
                      RuleStackCandidates:
                        type: array
                        items:
                          $ref: '#/components/schemas/RuleStackSummary'
                      NextToken:
                        type: string
                        description: Token for retrieving the next page of results.
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                ListRuleStacks200Example:
                  summary: Default listRuleStacks 200 response
                  x-microcks-default: true
                  value:
                    Response:
                      RuleStackCandidates:
                      - RuleStackName: Corporate Sensor 39
                        Scope: Local
                        Status: ACTIVE
                      NextToken: example-NextToken
                    ResponseStatus:
                      ErrorCode: 0
                      Reason: ''
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
        '500':
          $ref: '#/components/responses/InternalServerError'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
    post:
      operationId: createRuleStack
      summary: Palo Alto Networks Create Rule Stack
      description: >-
        Creates a new rule stack. A rule stack is a container for firewall
        policy including security rules, FQDN lists, and prefix lists. Rule
        stacks are associated with Cloud NGFW firewall instances to define
        their security policy.
      tags:
      - RuleStacks
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RuleStackRequest'
            examples:
              CreateRuleStackRequestExample:
                summary: Default createRuleStack request
                x-microcks-default: true
                value:
                  RuleStackName: Branch Policy 33
                  RuleStackEntry: &id002
                    Description: Firewall endpoint applied malware violation network activity detected violation threat.
                    Scope: Local
                    MinAppIdVersion: 2.0.3
                    Profile:
                      AntiSpywareProfile: HVAC Controller
                      AntiVirusProfile: HVAC Controller
                      VulnerabilityProfile: HVAC Controller
                      URLFilteringProfile: HVAC Controller
      responses:
        '200':
          description: Rule stack created successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  Response:
                    $ref: '#/components/schemas/RuleStack'
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                CreateRuleStack200Example:
                  summary: Default createRuleStack 200 response
                  x-microcks-default: true
                  value:
                    Response:
                      RuleStackName: Primary Agent 48
                      RuleStackEntry: &id001
                        Description: Detected monitoring blocked endpoint Security Security on detected.
                        Scope: Local
                        MinAppIdVersion: 7.5.1
                        LookupXForwardedFor: None
                        Profile:
                          AntiSpywareProfile: Network Printer
                          AntiVirusProfile: HVAC Controller
                          VulnerabilityProfile: HVAC Controller
                          URLFilteringProfile: Network Printer
                          FileBlockingProfile: Network Printer
                      UpdateToken: example-UpdateToken
                    ResponseStatus:
                      ErrorCode: 0
                      Reason: ''
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '409':
          $ref: '#/components/responses/Conflict'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /config/rulestacks/{rulestack}:
    get:
      operationId: getRuleStack
      summary: Palo Alto Networks Get Rule Stack
      description: Returns the configuration of a specific rule stack by name.
      tags:
      - RuleStacks
      parameters:
      - $ref: '#/components/parameters/rulestack'
      - name: candidate
        in: query
        description: Return candidate (uncommitted) configuration if true.
        schema:
          type: boolean
          default: false
        example: false
      responses:
        '200':
          description: Rule stack returned successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  Response:
                    $ref: '#/components/schemas/RuleStack'
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                GetRuleStack200Example:
                  summary: Default getRuleStack 200 response
                  x-microcks-default: true
                  value:
                    Response:
                      RuleStackName: Primary Agent 48
                      RuleStackEntry: *id001
                      UpdateToken: example-UpdateToken
                    ResponseStatus:
                      ErrorCode: 0
                      Reason: ''
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
    put:
      operationId: updateRuleStack
      summary: Palo Alto Networks Update Rule Stack
      description: >-
        Updates the configuration of an existing rule stack. Changes are staged
        in candidate configuration until committed via the commit endpoint.
      tags:
      - RuleStacks
      parameters:
      - $ref: '#/components/parameters/rulestack'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RuleStackRequest'
            examples:
              UpdateRuleStackRequestExample:
                summary: Default updateRuleStack request
                x-microcks-default: true
                value:
                  RuleStackName: Branch Policy 33
                  RuleStackEntry: *id002
      responses:
        '200':
          description: Rule stack updated successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  Response:
                    $ref: '#/components/schemas/RuleStack'
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                UpdateRuleStack200Example:
                  summary: Default updateRuleStack 200 response
                  x-microcks-default: true
                  value:
                    Response:
                      RuleStackName: Primary Agent 48
                      RuleStackEntry: *id001
                      UpdateToken: example-UpdateToken
                    ResponseStatus:
                      ErrorCode: 0
                      Reason: ''
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
    delete:
      operationId: deleteRuleStack
      summary: Palo Alto Networks Delete Rule Stack
      description: >-
        Deletes a rule stack. The rule stack must not be associated with any
        active Cloud NGFW firewall instances before deletion.
      tags:
      - RuleStacks
      parameters:
      - $ref: '#/components/parameters/rulestack'
      responses:
        '200':
          description: Rule stack deleted successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                DeleteRuleStack200Example:
                  summary: Default deleteRuleStack 200 response
                  x-microcks-default: true
                  value:
                    ResponseStatus:
                      ErrorCode: 0
                      Reason: ''
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
        '409':
          $ref: '#/components/responses/Conflict'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /config/rulestacks/{rulestack}/commit:
    post:
      operationId: commitRuleStack
      summary: Palo Alto Networks Commit Rule Stack
      description: >-
        Commits the candidate configuration of the rule stack to the running
        configuration. This applies all staged changes to active Cloud NGFW
        firewall instances associated with this rule stack.
      tags:
      - RuleStacks
      parameters:
      - $ref: '#/components/parameters/rulestack'
      responses:
        '200':
          description: Rule stack commit initiated successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  Response:
                    type: object
                    properties:
                      CommitStatus:
                        type: string
                        enum:
                        - CommitSuccess
                        - CommitFailed
                        - CommitInProgress
                      JobId:
                        type: string
                        description: Job ID to poll for commit completion status.
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                CommitRuleStack200Example:
                  summary: Default commitRuleStack 200 response
                  x-microcks-default: true
                  value:
                    Response:
                      CommitStatus: CommitFailed
                      JobId: '850717'
                    ResponseStatus:
                      ErrorCode: 0
                      Reason: ''
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /config/rulestacks/{rulestack}/security-rules:
    get:
      operationId: listSecurityRules
      summary: Palo Alto Networks List Security Rules
      description: >-
        Returns all security rules in the specified rule stack. Security rules
        are evaluated in priority order and define traffic inspection and
        forwarding policy for the Cloud NGFW.
      tags:
      - SecurityRules
      parameters:
      - $ref: '#/components/parameters/rulestack'
      - name: maxresults
        in: query
        description: Maximum number of rules to return.
        schema:
          type: integer
          default: 100
        example: 100
      - name: nexttoken
        in: query
        description: Pagination token from a previous response.
        schema:
          type: string
        example: example-nexttoken
      - name: listtype
        in: query
        description: Whether to return candidate or running configuration.
        schema:
          type: string
          enum:
          - CANDIDATE
          - RUNNING
          default: CANDIDATE
        example: CANDIDATE
      responses:
        '200':
          description: Security rules returned successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  Response:
                    type: object
                    properties:
                      RuleListCandidate:
                        type: array
                        items:
                          $ref: '#/components/schemas/SecurityRuleSummary'
                      NextToken:
                        type: string
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                ListSecurityRules200Example:
                  summary: Default listSecurityRules 200 response
                  x-microcks-default: true
                  value:
                    Response:
                      RuleListCandidate:
                      - Priority: 234
                        RuleName: Production Policy 12
                        Enabled: false
                      NextToken: example-NextToken
                    ResponseStatus:
                      ErrorCode: 0
                      Reason: ''
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
    post:
      operationId: createSecurityRule
      summary: Palo Alto Networks Create Security Rule
      description: >-
        Creates a new security rule in the rule stack at the specified priority.
        Rules with lower priority numbers are evaluated first. Define source
        and destination criteria, applications, and the enforcement action.
      tags:
      - SecurityRules
      parameters:
      - $ref: '#/components/parameters/rulestack'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SecurityRuleRequest'
            examples:
              CreateSecurityRuleRequestExample:
                summary: Default createSecurityRule request
                x-microcks-default: true
                value:
                  Priority: 48316
                  RuleEntry: &id004
                    RuleName: Primary Gateway 01
                    Description: Activity Security blocked suspicious threat alert activity firewall.
                    Enabled: true
                    Source:
                      Cidrs:
                      - example-Cidrs_item
                      Countries:
                      - example-Countries_item
                      Feeds:
                      - example-Feeds_item
                      - example-Feeds_item
                      PrefixLists:
                      - example-PrefixLists_item
                      - example-PrefixLists_item
                    Destination:
                      Cidrs:
                      - example-Cidrs_item
                      - example-Cidrs_item
                      Countries:
                      - example-Countries_item
                      - example-Countries_item
                      Feeds:
                      - example-Feeds_item
                      FqdnLists:
                      - example-FqdnLists_item
                      - example-FqdnLists_item
                      PrefixLists:
                      - example-PrefixLists_item
                    Applications:
                    - ssh
                    Protocol: APPLICATION-DEFAULT
                    Action: DenySilent
      responses:
        '200':
          description: Security rule created successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  Response:
                    $ref: '#/components/schemas/SecurityRule'
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                CreateSecurityRule200Example:
                  summary: Default createSecurityRule 200 response
                  x-microcks-default: true
                  value:
                    Response:
                      Priority: 707
                      RuleEntry: &id003
                        RuleName: Primary Gateway 01
                        Description: Firewall alert incident monitoring investigation threat threat blocked activity monitoring.
                        Enabled: true
                        Source:
                          Cidrs:
                          - example-Cidrs_item
                          - example-Cidrs_item
                          Countries:
                          - example-Countries_item
                          - example-Countries_item
                          Feeds:
                          - example-Feeds_item
                          PrefixLists:
                          - example-PrefixLists_item
                        NegateSource: false
                        Destination:
                          Cidrs:
                          - example-Cidrs_item
                          Countries:
                          - example-Countries_item
                          - example-Countries_item
                          Feeds:
                          - example-Feeds_item
                          FqdnLists:
                          - example-FqdnLists_item
                          - example-FqdnLists_item
                          PrefixLists:
                          - example-PrefixLists_item
                        NegateDestination: false
                        Applications:
                        - dns
                        - web-browsing
                        Category:
                          URLCategoryNames:
                          - Production Sensor 06
                          Feeds:
                          - example-Feeds_item
                        Protocol: UDP
                        Action: Allow
                        DecryptionRuleType: SSLOutboundInspection
                        AuditComment: Rule malware monitoring malware firewall violation suspicious detected applied firewall detected applied.
                    ResponseStatus:
                      ErrorCode: 0
                      Reason: ''
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '409':
          $ref: '#/components/responses/Conflict'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /config/rulestacks/{rulestack}/security-rules/{priority}:
    get:
      operationId: getSecurityRule
      summary: Palo Alto Networks Get Security Rule
      description: Returns a specific security rule by its priority number within the rule stack.
      tags:
      - SecurityRules
      parameters:
      - $ref: '#/components/parameters/rulestack'
      - $ref: '#/components/parameters/priority'
      - name: candidate
        in: query
        description: Return candidate configuration if true, running configuration if false.
        schema:
          type: boolean
          default: true
        example: true
      responses:
        '200':
          description: Security rule returned successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  Response:
                    $ref: '#/components/schemas/SecurityRule'
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                GetSecurityRule200Example:
                  summary: Default getSecurityRule 200 response
                  x-microcks-default: true
                  value:
                    Response:
                      Priority: 707
                      RuleEntry: *id003
                    ResponseStatus:
                      ErrorCode: 0
                      Reason: ''
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
    put:
      operationId: updateSecurityRule
      summary: Palo Alto Networks Update Security Rule
      description: Updates an existing security rule at the specified priority in the rule stack.
      tags:
      - SecurityRules
      parameters:
      - $ref: '#/components/parameters/rulestack'
      - $ref: '#/components/parameters/priority'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SecurityRuleRequest'
            examples:
              UpdateSecurityRuleRequestExample:
                summary: Default updateSecurityRule request
                x-microcks-default: true
                value:
                  Priority: 48316
                  RuleEntry: *id004
      responses:
        '200':
          description: Security rule updated successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  Response:
                    $ref: '#/components/schemas/SecurityRule'
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                UpdateSecurityRule200Example:
                  summary: Default updateSecurityRule 200 response
                  x-microcks-default: true
                  value:
                    Response:
                      Priority: 707
                      RuleEntry: *id003
                    ResponseStatus:
                      ErrorCode: 0
                      Reason: ''
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
    delete:
      operationId: deleteSecurityRule
      summary: Palo Alto Networks Delete Security Rule
      description: Deletes the security rule at the specified priority from the rule stack.
      tags:
      - SecurityRules
      parameters:
      - $ref: '#/components/parameters/rulestack'
      - $ref: '#/components/parameters/priority'
      responses:
        '200':
          description: Security rule deleted successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                DeleteSecurityRule200Example:
                  summary: Default deleteSecurityRule 200 response
                  x-microcks-default: true
                  value:
                    ResponseStatus:
                      ErrorCode: 0
                      Reason: ''
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /config/rulestacks/{rulestack}/fqdnlists:
    get:
      operationId: listFqdnLists
      summary: Palo Alto Networks List FQDN Lists
      description: >-
        Returns all FQDN lists in the specified rule stack. FQDN lists contain
        domain name entries referenced in security rule destination criteria.
      tags:
      - FQDNLists
      parameters:
      - $ref: '#/components/parameters/rulestack'
      - name: maxresults
        in: query
        schema:
          type: integer
          default: 100
        example: 100
      - name: nexttoken
        in: query
        schema:
          type: string
        example: example-nexttoken
      responses:
        '200':
          description: FQDN lists returned successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  Response:
                    type: object
                    properties:
                      FqdnListCandidates:
                        type: array
                        items:
                          $ref: '#/components/schemas/FqdnListSummary'
                      NextToken:
                        type: string
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                ListFqdnLists200Example:
                  summary: Default listFqdnLists 200 response
                  x-microcks-default: true
                  value:
                    Response:
                      FqdnListCandidates:
                      - FqdnListName: Primary Firewall 80
                      NextToken: example-NextToken
                    ResponseStatus:
                      ErrorCode: 0
                      Reason: ''
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
    post:
      operationId: createFqdnList
      summary: Palo Alto Networks Create FQDN List
      description: Creates a new FQDN list in the rule stack with a set of domain name entries.
      tags:
      - FQDNLists
      parameters:
      - $ref: '#/components/parameters/rulestack'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/FqdnListRequest'
            examples:
              CreateFqdnListRequestExample:
                summary: Default createFqdnList request
                x-microcks-default: true
                value:
                  FqdnListName: Primary Agent 55
                  FqdnListEntry: &id009
                    Description: Network rule endpoint traffic suspicious on configured suspicious policy violation detected.
                    FqdnList:
                    - example-FqdnList_item
                    - example-FqdnList_item
      responses:
        '200':
          description: FQDN list created successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  Response:
                    $ref: '#/components/schemas/FqdnList'
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                CreateFqdnList200Example:
                  summary: Default createFqdnList 200 response
                  x-microcks-default: true
                  value:
                    Response:
                      FqdnListName: Production Firewall 87
                      FqdnListEntry: &id008
                        Description: Incident configured activity on configured detected alert investigation policy blocked incident.
                        FqdnList:
                        - example-FqdnList_item
                      UpdateToken: example-UpdateToken
                    ResponseStatus:
                      ErrorCode: 0
                      Reason: ''
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '409':
          $ref: '#/components/responses/Conflict'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /config/rulestacks/{rulestack}/prefixlists:
    get:
      operationId: listPrefixLists
      summary: Palo Alto Networks List Prefix Lists
      description: >-
        Returns all IP prefix lists in the specified rule stack. Prefix lists
        contain CIDR block entries used as source or destination criteria in
        security rules.
      tags:
      - PrefixLists
      parameters:
      - $ref: '#/components/parameters/rulestack'
      - name: maxresults
        in: query
        schema:
          type: integer
          default: 100
        example: 100
      - name: nexttoken
        in: query
        schema:
          type: string
        example: example-nexttoken
      responses:
        '200':
          description: Prefix lists returned successfully.
          content:
            application/json:
              schema:
                type: object
                properties:
                  Response:
                    type: object
                    properties:
                      PrefixListCandidates:
                        type: array
                        items:
                          $ref: '#/components/schemas/PrefixListSummary'
                      NextToken:
                        type: string
                  ResponseStatus:
                    $ref: '#/components/schemas/ResponseStatus'
              examples:
                ListPrefixLists200Example:
                  summary: Default listPrefixLists 200 response
                  x-microcks-default: true
                  value:
                    Response:
                      PrefixListCand

# --- truncated at 32 KB (65 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/openapi/palo-alto-cloud-ngfw-api-openapi-original.yml