The home of developer docs at
Cloud Native Security
Discover the APIs, tools and techniques necessary for bringing DevOps practices to the cloud.
Prisma Cloud Enterprise Edition
Prisma Cloud Compute Edition
Security Operations
Browse reference docs, tutorials, the XSOAR Marketplace and more.
Cortex XSOAR
Cortex
Network Security
Learn how to make the most of the PAN-OS APIs, SDKs, Expedition, Terraform, Ansible, and more.
AI Runtime Security
PAN-OS
Strata Logging Service
Cloud-Delivered Security Services
Expedition
Strata Cloud Manager
Discover Strata Cloud Manager APIs.
Strata Cloud Manager
Secure Access Service Edge
Discover Prisma SASE APIs, including Prisma Access and Prisma SD-WAN.
Prisma SASE
- Prisma SASE Developer's Guide
- Prisma SASE Changelog
- Prisma SASE Release Notes
- Tenancy Service
- Identity and Access Management
- Authentication Service
- Subscription Service
- Prisma Access Configuration
- ZTNA Connector
- Prisma SD-WAN
- Aggregate Monitoring
- Multitenant Notifications
- Multitenant Interconnect
- Prisma Access Configuration Orchestration
- SaaS Security Posture Management
- Autonomous DEM
- Log Forwarding
Prisma Access Configuration
Prisma Access Browser
Prisma Access Insights
Prisma SASE Service Status
Partner Integrations
Discover technology partner integrations.
Cross-Platform
Learn about opportunities across Palo Alto Networks platforms.
Service Status
Explore our Partner Tools
Software Firewall deployment with Terraform
Leverage validated Terraform Reference Architectures and Modules for VM-Series and CloudNGFW firewalls for rapid and reliable security in the cloud.
Palo Alto Networks as Code with Terraform
Hashicorp's Terraform is widely used to build and deploy infrastructure, safely and efficiently, with high levels of automation and integration.
Ansible at Palo Alto Networks
The collection of Ansible modules for PAN-OS has been officially certified by the Red Hat Ansible team (list of Ansible certified content) since version 2.12.2.
Read our latest Developer Blogs
Mind Tricks: The Perils of Prompt Injection Attacks Against LLMs
By: Steven Serrata
I know what this must look like — yet another blog article on how Large Language Models (LLMs) will revolutionize the world and guarantee human obsolescence (or extinction?!). To be fair, this isn’t the first time I’ve written about AI or automating one’s self out of a job, but I have to admit it feels different this time around. Maybe it’s all the Sci-Fi I’ve consumed in my lifetime? Maybe it’s our collective tendency to anthropomorphize animals/things that only very slightly remind us of ourselves? Whatever is the case with LLMs, (as you’ve probably already guessed) I am not really here to sing their praises. Don’t get me wrong, I am absolutely blown away by their demonstrated mastery of language, but I can’t help but be leery of how that mastery was attained or how vulnerable we are as a society to that “mastery” being exploited for nefarious purposes.

Security Automation at BlackHat Europe 2022: Part 2
By: James Holland
To reiterate from the previous post, on the Black Hat conference network we are likely to see malicious activity, in fact it is expected. As the Black Hat leadership team say, occasionally we find a “needle in a needlestack”, someone with true malicious intent. But how do you go about finding malicious activity with real intent within a sea of offensive security demonstrations and training exercises?

Security Automation at BlackHat Europe 2022: Part 1
By: James Holland
It’s been called one of the most dangerous networks in the world, and there are many good reasons why each Black Hat conference has its own IT infrastructure built from the ground up.
The Developer’s Guide To Palo Alto Networks Cloud NGFW for AWS Part 4 (Policy as Code for Panorama…
By: Migara Ekanayake
A Cloud NGFW resource provides next-generation firewall capabilities for your Amazon VPC traffic. This resource has built-in resiliency, scalability, and lifecycle management. In the previous parts of this blog series, we covered firewall-as-code and policy-as-code aspects of Cloud NGFW using Terraform(1), Cloud Formation(2), and Cloud Control CLI(3). In this part, we will explore the policy-as-code aspects of Cloud NGFW when using Palo Alto Networks Panorama to author security policy rules.

The Developer’s Guide To Palo Alto Networks Cloud NGFW for AWS Part 3 (CLI access using…
By: Priyal Palkar
A Cloud NGFW resource provides next-generation firewall capabilities for your VPC traffic. This resource has built-in resiliency, scalability and lifecycle management. In the previous blog, we discussed activating Palo Alto Networks Cloud NGFW CloudFormation extensions and using CloudFormation templates to provision Cloud NGFW resources. In this blog, we will discuss using AWS CloudControl CLI to provision Cloud NGFW resources.
The Developer’s Guide To Palo Alto Networks Cloud NGFW for AWS Part 2 (CloudFormation)
By: Priyal Palkar
A Cloud NGFW resource provides next-generation firewall capabilities for your VPC traffic. This resource has built-in resiliency, scalability and lifecycle management. In the last blog, we covered the firewall-as-a-code and policy-as-a-code aspects of Cloud NGFW using Terraform. In this blog, we will discuss the same aspects using AWS Cloud Formation.

Announcement: New Phase of our VM-Series Terraform Modules
By: Migara Ekanayake
We released the first version of VM-Series Terraform modules v0.1.0 for Azure back in April 2021. We have come a long way since, from extending coverage for AWS and GCP to releasing 67 versions combined. At the time of writing this article, we have over 133k downloads from the Terraform Registry alone.

Framework to think about Service Limits in a Microservices Architecture
By: Krishnan Narayan
With over 100+ microservices deployed in production to power the Prisma Cloud Platform at Palo Alto Networks, we have had to deal with some basic reality checks as we grew the business from $XM to $XXXM in 3+ years going from tens to thousands of customers.
Navigating the Testing Maze: Unravelling the Challenges of Infrastructure as Code (IaC) Testing…
By: Lukasz Pawlega
This is all true. It seems obvious when you think about code written in one of the general-purpose languages. A developer can even almost naturally assign a particular test to the requirements mentioned above: code standards — static code analysis, reliability — unit/integration testing, etc. Yet, this is not so obvious when you switch to declarative languages and tools such as HCL and Terraform, or in general, when talking about testing Infrastructure as Code. The image gets blurry, and you suddenly end up in a situation where testing one line of code means deploying a whole costly infrastructure.
Mind Tricks: The Perils of Prompt Injection Attacks Against LLMs
By: Steven Serrata
I know what this must look like — yet another blog article on how Large Language Models (LLMs) will revolutionize the world and guarantee human obsolescence (or extinction?!). To be fair, this isn’t the first time I’ve written about AI or automating one’s self out of a job, but I have to admit it feels different this time around. Maybe it’s all the Sci-Fi I’ve consumed in my lifetime? Maybe it’s our collective tendency to anthropomorphize animals/things that only very slightly remind us of ourselves? Whatever is the case with LLMs, (as you’ve probably already guessed) I am not really here to sing their praises. Don’t get me wrong, I am absolutely blown away by their demonstrated mastery of language, but I can’t help but be leery of how that mastery was attained or how vulnerable we are as a society to that “mastery” being exploited for nefarious purposes.

Security Automation at BlackHat Europe 2022: Part 2
By: James Holland
To reiterate from the previous post, on the Black Hat conference network we are likely to see malicious activity, in fact it is expected. As the Black Hat leadership team say, occasionally we find a “needle in a needlestack”, someone with true malicious intent. But how do you go about finding malicious activity with real intent within a sea of offensive security demonstrations and training exercises?

Security Automation at BlackHat Europe 2022: Part 1
By: James Holland
It’s been called one of the most dangerous networks in the world, and there are many good reasons why each Black Hat conference has its own IT infrastructure built from the ground up.
The Developer’s Guide To Palo Alto Networks Cloud NGFW for AWS Part 4 (Policy as Code for Panorama…
By: Migara Ekanayake
A Cloud NGFW resource provides next-generation firewall capabilities for your Amazon VPC traffic. This resource has built-in resiliency, scalability, and lifecycle management. In the previous parts of this blog series, we covered firewall-as-code and policy-as-code aspects of Cloud NGFW using Terraform(1), Cloud Formation(2), and Cloud Control CLI(3). In this part, we will explore the policy-as-code aspects of Cloud NGFW when using Palo Alto Networks Panorama to author security policy rules.

The Developer’s Guide To Palo Alto Networks Cloud NGFW for AWS Part 3 (CLI access using…
By: Priyal Palkar
A Cloud NGFW resource provides next-generation firewall capabilities for your VPC traffic. This resource has built-in resiliency, scalability and lifecycle management. In the previous blog, we discussed activating Palo Alto Networks Cloud NGFW CloudFormation extensions and using CloudFormation templates to provision Cloud NGFW resources. In this blog, we will discuss using AWS CloudControl CLI to provision Cloud NGFW resources.
The Developer’s Guide To Palo Alto Networks Cloud NGFW for AWS Part 2 (CloudFormation)
By: Priyal Palkar
A Cloud NGFW resource provides next-generation firewall capabilities for your VPC traffic. This resource has built-in resiliency, scalability and lifecycle management. In the last blog, we covered the firewall-as-a-code and policy-as-a-code aspects of Cloud NGFW using Terraform. In this blog, we will discuss the same aspects using AWS Cloud Formation.

Announcement: New Phase of our VM-Series Terraform Modules
By: Migara Ekanayake
We released the first version of VM-Series Terraform modules v0.1.0 for Azure back in April 2021. We have come a long way since, from extending coverage for AWS and GCP to releasing 67 versions combined. At the time of writing this article, we have over 133k downloads from the Terraform Registry alone.

Framework to think about Service Limits in a Microservices Architecture
By: Krishnan Narayan
With over 100+ microservices deployed in production to power the Prisma Cloud Platform at Palo Alto Networks, we have had to deal with some basic reality checks as we grew the business from $XM to $XXXM in 3+ years going from tens to thousands of customers.
Navigating the Testing Maze: Unravelling the Challenges of Infrastructure as Code (IaC) Testing…
By: Lukasz Pawlega
This is all true. It seems obvious when you think about code written in one of the general-purpose languages. A developer can even almost naturally assign a particular test to the requirements mentioned above: code standards — static code analysis, reliability — unit/integration testing, etc. Yet, this is not so obvious when you switch to declarative languages and tools such as HCL and Terraform, or in general, when talking about testing Infrastructure as Code. The image gets blurry, and you suddenly end up in a situation where testing one line of code means deploying a whole costly infrastructure.
Mind Tricks: The Perils of Prompt Injection Attacks Against LLMs
By: Steven Serrata
I know what this must look like — yet another blog article on how Large Language Models (LLMs) will revolutionize the world and guarantee human obsolescence (or extinction?!). To be fair, this isn’t the first time I’ve written about AI or automating one’s self out of a job, but I have to admit it feels different this time around. Maybe it’s all the Sci-Fi I’ve consumed in my lifetime? Maybe it’s our collective tendency to anthropomorphize animals/things that only very slightly remind us of ourselves? Whatever is the case with LLMs, (as you’ve probably already guessed) I am not really here to sing their praises. Don’t get me wrong, I am absolutely blown away by their demonstrated mastery of language, but I can’t help but be leery of how that mastery was attained or how vulnerable we are as a society to that “mastery” being exploited for nefarious purposes.

Security Automation at BlackHat Europe 2022: Part 2
By: James Holland
To reiterate from the previous post, on the Black Hat conference network we are likely to see malicious activity, in fact it is expected. As the Black Hat leadership team say, occasionally we find a “needle in a needlestack”, someone with true malicious intent. But how do you go about finding malicious activity with real intent within a sea of offensive security demonstrations and training exercises?

Security Automation at BlackHat Europe 2022: Part 1
By: James Holland
It’s been called one of the most dangerous networks in the world, and there are many good reasons why each Black Hat conference has its own IT infrastructure built from the ground up.