cisco.meraki.meraki_firewalled_services – Edit firewall policies for administrative network services
Note
This plugin is part of the cisco.meraki collection (version 2.5.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install cisco.meraki
.
To use it in a playbook, specify: cisco.meraki.meraki_firewalled_services
.
Parameters
Parameter |
Comments |
---|---|
Network service to query or modify. Choices:
|
|
List of IP addresses allowed to access a service. Only used when |
|
Authentication key provided by the dashboard. Required if environmental variable MERAKI_KEY is not set. |
|
Hostname for Meraki dashboard. Can be used to access regional Meraki environments, such as China. Default: “api.meraki.com” |
|
Number of seconds to retry if server returns an internal server error. Default: 60 |
|
ID number of a network. |
|
Name of a network. |
|
ID of organization associated to a network. |
|
Name of organization associated to a network. |
|
Instructs module whether response keys should be snake case (ex. Choices:
|
|
Set amount of debug output during module execution. Choices:
|
|
Number of seconds to retry if rate limiter is triggered. Default: 165 |
|
Network service to query or modify. Choices:
|
|
States that a policy should be created or modified. Choices:
|
|
Time to timeout for HTTP requests. Default: 30 |
|
If Only useful for internal Meraki developers. Choices:
|
|
If Choices:
|
|
Whether to validate HTTP certificates. Choices:
|
Notes
Note
More information about the Meraki API can be found at https://dashboard.meraki.com/api_docs.
Some of the options are likely only used for developers within Meraki.
As of Ansible 2.9, Meraki modules output keys as snake case. To use camel case, set the
ANSIBLE_MERAKI_FORMAT
environment variable tocamelcase
.Ansible’s Meraki modules will stop supporting camel case output in Ansible 2.13. Please update your playbooks.
Check Mode downloads the current configuration from the dashboard, then compares changes against this download. Check Mode will report changed if there are differences in the configurations, but does not submit changes to the API for validation of change.
Examples
- name: Set icmp service to blocked
meraki_firewalled_services:
auth_key: '{{ auth_key }}'
state: present
org_name: '{{test_org_name}}'
net_name: IntTestNetworkAppliance
service: ICMP
access: blocked
delegate_to: localhost
- name: Set icmp service to restricted
meraki_firewalled_services:
auth_key: abc123
state: present
org_name: YourOrg
net_name: YourNet
service: web
access: restricted
allowed_ips:
- 192.0.1.1
- 192.0.1.2
delegate_to: localhost
- name: Query appliance services
meraki_firewalled_services:
auth_key: abc123
state: query
org_name: YourOrg
net_name: YourNet
delegate_to: localhost
- name: Query services
meraki_firewalled_services:
auth_key: abc123
state: query
org_name: YourOrg
net_name: YourNet
service: ICMP
delegate_to: localhost
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
List of network services. Returned: info |
|
Access assigned to a service type. Returned: success Sample: “unrestricted” |
|
List of IP addresses to have access to service. Returned: success Sample: “192.0.1.0” |
|
Service to apply policy to. Returned: success Sample: “ICMP” |
Authors
Kevin Breit (@kbreit)