>
    Strata Copilot
    Create a Snippet
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma Access
    3. Prisma Access Administration
    4. Configure Dynamic Privilege Access Settings
    5. Create a Snippet
    Download PDF
    Prisma Access

    Create a Snippet

    Table of Contents

    Create a Snippet

    Create a snippet to group configurations of the Prisma Access Agent that you can quickly push to your deployments.
    Where Can I Use This?What Do I Need?
    • Prisma Access (Managed by Strata Cloud Manager)
    • Prisma Access 5.1 Innovation
    • Prisma Access license with the Mobile User subscription
    • Role: Superuser
    You can create a snippet to group the configurations of Prisma Access Agents that you can quickly push to your deployments. Snippets are used to standardize a common base configuration for a set of project-based deployments, allowing you to quickly onboard new devices with a known good configuration and reducing the time required to onboard a new device.
    After you create the snippet, you will associate the snippet to a scope, assign a user to the scope, and grant the user the Project Admin role. The user can then log in as the Project Admin and use the snippet to manage the project settings for the Prisma Access Agent. The Project Admin can only change the Prisma Access Agent settings for the snippets that they are assigned to.
    To create a snippet, complete the following steps:
    1. Log in to Strata Cloud Manager as the Superuser.
    2. Select ConfigurationNGFW and Prisma Access.
    3. Select Overview and expand the Configuration Scope to view the Snippets.
    4. Add Snippet and enter the following details:
      1. Enter a Name for the snippet.
      2. (Optional) Enter a Description for the snippet.
      3. (Optional) Assign one or more Labels.
        You can select an existing label or create a new label by typing the label you wanted to create.
      4. To ensure that object names are unique across a snippet, Add prefix to object names is enabled by default.
        Choose whether to Auto generate a random prefix or select Manual and add your own Prefix Value. The prefix value can be alphanumeric and have a maximum of six characters.
        The prefix will have the format xxxxxx-. When you add an object, Strata Cloud Manager will prepopulate the object name with the prefix.
      5. Create the snippet.
        After you create the snippet, you're in the Configuration Scope for the snippet. All configurations you create while in the snippet scope occurs only for the snippet.
    5. Associate the snippet to the Access Agent folder.
      1. In the Overview page of your snippet, select the Snippet Associations settings.
      2. Select Access Agent from the Config trees.
      3. Click the X to close the Snippet Associations window.
        Access Agent appears in the list of Snippet Associations.
    6. If you have not done so already, create an identity for the user who will be managing projects and assign the Project Admin Push role to the user.
      1. From Strata Cloud Manager, select SettingsIdentity & Access.
      2. Select Add Identity.
      3. Enter the Identity Address for the user who will be the project administrator and click Next.
      4. Select Add AccessPrisma Access & NGFW Configuration and select the Project Admin Push role for the user.
      5. Click Submit.
    7. Create a management scope for the snippet and assign a user to that scope.
      1. Select System SettingsIdentity and Access ManagementScope Settings.
      2. Create New Scope.
      3. Enter a Name for the scope and view the Snippets.
      4. Associate the snippet to the scope. Select the snippet that you created and Add it.
      5. In the Scope Objects, Assign Users to the scope that you created for your snippet.
      6. Assign a user to the scope by selecting a user from the list and giving the user the Project Admin role.
      7. Close the window.
      8. Push the configuration.
        1. Select ConfigurationNGFW and Prisma AccessConfiguration ScopePrisma AccessPush Config.
        2. Select the All Admins admin scope and select Push ConfigPush.
        After the push config operation is completed, the snippet is created and the roles are associated with the snippet.
        The assigned user (project admin) can now log in to Strata Cloud Manager and configure project-specific using the snippet that you created. The user can view other scopes that they are not assigned to, but they cannot interact with them, such as changing any configurations.

    © 2026 Palo Alto Networks, Inc. All rights reserved.