Per-Admin Configuration Push and Revert
Please contact your account team to enable the
feature.
In shared environments, concurrent configuration changes by multiple
administrators can lead to conflicts where a single error traditionally requires
reverting all uncommitted changes. Strata Cloud Manager addresses this challenge
by moving beyond the traditional all-or-nothing commit model to offer precise
control in multi-administrator environments.
You can now selectively revert uncommitted changes made by specific
administrators within defined scopes or within designated containers, cloud
containers, on-premises containers, and snippets. This feature allows you to
revert specific uncommitted changes from the candidate configuration while
preserving other administrators' work. In addition to reverting changes, you can
perform partial configuration pushes to deploy only the changes within your
selected scope to designated device.
To ensure deployment accuracy, you can preview changes before you revert or push
them. The system provides detailed information about dependencies that might
prevent the operation, allowing you to resolve issues before deployment.
You cannot use selective push or revert and must perform all-admin push in the
following scenarios:
- Configuration load operations.
- Changes in container hierarchy, such as snippet association or
disassociation.
- Internal commits triggered by tenant upgrades.
- When the number of uncommitted changes exceeds 500.
This procedure guides you through selectively reverting uncommitted configuration
changes within Strata Cloud Manager.
- Log in to Strata Cloud Manager.
- Select Push Config and
Revert.
- Define the scope for the revert operation in the Revert
Candidate Configuration window.
- Use the Admin Scope to choose the
administrator(s) whose uncommitted changes you want to
revert. The Admin Scope lists all
administrators who have made changes to your tenant.
- Select the Location Scope to specify
the configuration entities such as folders, snippets,
cloud-containers, on-prem-containers where changes should be
reverted. By default, all folders and snippets are selected.
Adjust this based on the specific changes you intend to
revert. This granular selection ensures you target only the
intended changes and prevents accidental rollbacks of other
administrators' work or unrelated configuration areas.
- Select Get Target Object List or
Refresh to view the affected objects. The
list populates with all uncommitted changes matching your selected
Admin Scope and Location
Scope. This step provides a clear overview of all
modifications affected by the revert, allowing for verification before
proceeding. Review the Target Objects table to
see the object type and the number of the objects the revert operation
will impact.
- Select Revert Preview. The preview displays a
detailed before-and-after comparison of the configuration objects,
indicating what will be restored or deleted. The revert preview provides
a critical safety check, allowing you to confirm the selected changes
and understand the operation's exact impact. This helps prevent
unintended configuration disruptions.
- Object Name identifies the policy,
object, network settings, or device setting.
- Type specifies is the kind of setting,
such as Address, Security rule, or Zone.
- In the preview window, compare the proposed against the running
configuration. The preview window uses color coding to indicate
additions in green, modifications in yellow, and deletions in
red.
- Revert. The rollback process initiates for all
changes identified within your defined scope.
- Address any dependency errors if the revert fails.
- Review the error message for schema verification failures or
object dependencies. The system indicates specific dependencies
(for example, an invalid reference or an application override
rule) that prevent the revert.
- Navigate to the conflicting configuration and resolve the
dependency. For example, delete an Application
Override Policy rule causing a conflict. The
revert process includes robust validation to prevent
configuration breakage. Understanding and resolving dependencies
is essential to successfully roll back changes without
introducing new errors or inconsistencies.
- Verify the successful revert.
- Observe the UI reloading automatically after a successful
revert.
- Navigate to the relevant configuration sections to confirm that
the reverted objects have been removed or restored to their
previous state. Verifying the revert ensures the intended
changes have been successfully undone and your system's
configuration is in the expected state. This confirms the
integrity and correctness of the rollback operation.
