meraki_mr_l3_firewall – Manage MR access point layer 3 firewalls in the Meraki cloud
New in version 2.7.
Synopsis
- Allows for creation, management, and visibility into layer 3 firewalls implemented on Meraki MR access points.
- Module is not idempotent as of current release.
Parameters
Parameter | Choices/Defaults | Comments
---|---|---
allow_lan_access (boolean) | | Sets whether devices can talk to other devices on the same LAN.
auth_key (string, required) | | Authentication key provided by the dashboard. Required if the environment variable MERAKI_KEY is not set.
host (string) | Default: "api.meraki.com" | Hostname for Meraki dashboard. Can be used to access regional Meraki environments, such as China.
internal_error_retry_time (integer) | Default: 60 | Number of seconds to retry if server returns an internal server error.
net_id (string) | | ID of network containing access points.
net_name (string) | | Name of network containing access points.
number (integer) | | Number of SSID to apply firewall rule to. Aliases: ssid_number
org_id (string) | | ID of organization.
org_name (string) | | Name of organization. Aliases: organization
output_format (string) | | Instructs module whether response keys should be snake case (ex. net_id) or camel case (ex. netId).
output_level (string) | | Set amount of debug output during module execution.
rate_limit_retry_time (integer) | Default: 165 | Number of seconds to retry if rate limiter is triggered.
rules (list) | | List of firewall rules.
comment (string, suboption of rules) | | Optional comment describing the firewall rule.
dest_cidr (string, suboption of rules) | | Comma-separated list of CIDR notation networks to match.
dest_port (string, suboption of rules) | | Comma-separated list of destination ports to match.
policy (string, suboption of rules) | | Specifies the action that should be taken when rule is hit.
protocol (string, suboption of rules) | | Specifies protocol to match against.
ssid_name (string) | | Name of SSID to apply firewall rule to. Aliases: ssid
state (string) | | Create or modify an organization.
timeout (integer) | Default: 30 | Time to timeout for HTTP requests.
use_https (boolean) | | If no, it will use HTTP. Otherwise it will use HTTPS. Only useful for internal Meraki developers.
use_proxy (boolean) | | If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.
validate_certs (boolean) | | Whether to validate HTTP certificates.
Notes
- More information about the Meraki API can be found at https://dashboard.meraki.com/api_docs.
- Some of the options are likely only used for developers within Meraki.
- As of Ansible 2.9, Meraki modules output keys as snake case. To use camel case, set the ANSIBLE_MERAKI_FORMAT environment variable to camelcase.
- Ansible’s Meraki modules will stop supporting camel case output in Ansible 2.13. Please update your playbooks.
Examples
```yaml
- name: Create single firewall rule
  meraki_mr_l3_firewall:
    auth_key: abc123
    state: present
    org_name: YourOrg
    net_id: 12345
    number: 1
    rules:
      - comment: Integration test rule
        policy: allow
        protocol: tcp
        dest_port: 80
        dest_cidr: 192.0.2.0/24
    allow_lan_access: no
  delegate_to: localhost

- name: Enable local LAN access
  meraki_mr_l3_firewall:
    auth_key: abc123
    state: present
    org_name: YourOrg
    net_id: 123
    number: 1
    rules:
    allow_lan_access: yes
  delegate_to: localhost

- name: Query firewall rules
  meraki_mr_l3_firewall:
    auth_key: abc123
    state: query
    org_name: YourOrg
    net_name: YourNet
    number: 1
  delegate_to: localhost
```
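The following playbook is an added example, not part of the module's own documentation. It keeps the API key out of the playbook by relying on the MERAKI_KEY environment variable, applies a two-rule set with comma-separated `dest_cidr` values, and reads the result back with `state: query`. The organization and network names and the CIDR ranges are constructed placeholders, and the `deny` and `any` values are assumed to be accepted by the module and API, since this page does not list the choices.

```yaml
# Added example; names and addresses below are constructed placeholders.
- name: Restrict SSID 1 to DNS and block two management ranges
  meraki_mr_l3_firewall:
    # auth_key is omitted on purpose: MERAKI_KEY must be set in the
    # environment of the host running the task (localhost here).
    state: present
    org_name: YourOrg
    net_name: YourNet
    number: 1
    validate_certs: yes
    rules:
      - comment: Allow DNS to the internal resolver
        policy: allow
        protocol: udp
        dest_port: 53
        dest_cidr: 192.0.2.53/32
      - comment: Block management ranges
        policy: deny          # assumed choice, not listed on this page
        protocol: any         # assumed choice, not listed on this page
        dest_port: any        # assumed API keyword
        dest_cidr: 198.51.100.0/24,203.0.113.0/24
    allow_lan_access: no
  delegate_to: localhost

# The module is documented as not idempotent, so confirm the outcome by
# reading the rules back rather than relying on the reported change status.
- name: Read back the rules applied to SSID 1
  meraki_mr_l3_firewall:
    state: query
    org_name: YourOrg
    net_name: YourNet
    number: 1
  delegate_to: localhost
  register: l3_rules

- name: Show what the dashboard now holds
  debug:
    var: l3_rules
```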
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Kevin Breit (@kbreit)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/meraki_mr_l3_firewall_module.html