Public/Set-PaSecurityPolicy.ps1

function Set-PaSecurityPolicy {
    <#
    .SYNOPSIS
        Creates/Configures a Security Policy on a Palo Alto device.

    .DESCRIPTION
        Creates/Configures a Security Policy on a Palo Alto device.

    .EXAMPLE

    .PARAMETER Name

    #>

    [CmdletBinding(SupportsShouldProcess = $True)]

    Param (
        [Parameter(ParameterSetName = "name", Mandatory = $True, Position = 0)]
        [string]$Name,

        [Parameter(ParameterSetName = "paobject", Mandatory = $True, Position = 0, ValueFromPipeline = $True)]
        [PaSecurityPolicy]$PaSecurityPolicy,

        [Parameter(Mandatory = $False)]
        [string[]]$SourceZone,

        [Parameter(Mandatory = $False)]
        [string[]]$SourceUser,

        [Parameter(Mandatory = $False)]
        [string[]]$DestinationZone,

        [Parameter(Mandatory = $False)]
        [string[]]$DestinationAddress,

        [Parameter(Mandatory = $False)]
        [ValidateSet('allow', 'deny')]
        [string]$Action
    )

    BEGIN {
    }

    PROCESS {
        switch ($PsCmdlet.ParameterSetName) {
            'name' {
                $ConfigObject = [PaSecurityPolicy]::new($Name)
                continue
            }
            'paobject' {
                $ConfigObject = $PaSecurityPolicy
                continue
            }
        }

        if ($SourceZone) {
            $ConfigObject.SourceZone = $SourceZone
        }

        if ($SourceUser) {
            $ConfigObject.SourceUser = $SourceUser
        }

        if ($DestinationZone) {
            $ConfigObject.DestinationZone = $DestinationZone
        }

        if ($DestinationAddress) {
            $ConfigObject.DestinationAddress = $DestinationAddress
        }

        if ($Action) {
            $ConfigObject.Action = $Action
        }

        $ElementXml = $ConfigObject.ToXml().rules.entry.InnerXml
        $Xpath = $Global:PaDeviceObject.createXPath('rulebase/security/rules', $ConfigObject.Name)
        $Global:test = $ConfigObject

        if ($PSCmdlet.ShouldProcess("Creating new rule: $($ConfigObject.Name)")) {
            $Set = Invoke-PaApiConfig -Set -Xpath $XPath -Element $ElementXml

            $Set
        }
    }
}