meraki_firewalled_services – Edit firewall policies for administrative network services
New in version 2.9.
Synopsis
- Allows for setting policy firewalled services for Meraki network devices.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| access
string
|
|
Network service to query or modify.
|
| allowed_ips
list
|
List of IP addresses allowed to access a service.
Only used when access is set to restricted.
|
|
| auth_key
string / required
|
Authentication key provided by the dashboard. Required if environmental variable MERAKI_KEY is not set.
|
|
| host
string
|
Default:
"api.meraki.com"
|
Hostname for Meraki dashboard.
Can be used to access regional Meraki environments, such as China.
|
| internal_error_retry_time
integer
|
Default:
60
|
Number of seconds to retry if server returns an internal server error.
|
| net_id
string
|
ID number of a network.
|
|
| net_name
string
|
Name of a network.
aliases: network |
|
| org_id
string
|
ID of organization associated to a network.
|
|
| org_name
string
|
Name of organization associated to a network.
aliases: organization |
|
| output_format
string
|
|
Instructs module whether response keys should be snake case (ex. net_id) or camel case (ex. netId).
|
| output_level
string
|
|
Set amount of debug output during module execution.
|
| rate_limit_retry_time
integer
|
Default:
165
|
Number of seconds to retry if rate limiter is triggered.
|
| service
string
|
|
Network service to query or modify.
|
| state
string
|
|
States that a policy should be created or modified.
|
| timeout
integer
|
Default:
30
|
Time to timeout for HTTP requests.
|
| use_https
boolean
|
|
If
no, it will use HTTP. Otherwise it will use HTTPS.
Only useful for internal Meraki developers.
|
| use_proxy
boolean
|
|
If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.
|
| validate_certs
boolean
|
|
Whether to validate HTTP certificates.
|
Notes
Note
- More information about the Meraki API can be found at https://dashboard.meraki.com/api_docs.
- Some of the options are likely only used for developers within Meraki.
- As of Ansible 2.9, Meraki modules output keys as snake case. To use camel case, set the
ANSIBLE_MERAKI_FORMATenvironment variable tocamelcase. - Ansible’s Meraki modules will stop supporting camel case output in Ansible 2.13. Please update your playbooks.
Examples
- name: Set icmp service to blocked
meraki_firewalled_services:
auth_key: '{{ auth_key }}'
state: present
org_name: '{{test_org_name}}'
net_name: IntTestNetworkAppliance
service: ICMP
access: blocked
delegate_to: localhost
- name: Set icmp service to restricted
meraki_firewalled_services:
auth_key: abc123
state: present
org_name: YourOrg
net_name: YourNet
service: web
access: restricted
allowed_ips:
- 192.0.1.1
- 192.0.1.2
delegate_to: localhost
- name: Query appliance services
meraki_firewalled_services:
auth_key: abc123
state: query
org_name: YourOrg
net_name: YourNet
delegate_to: localhost
- name: Query services
meraki_firewalled_services:
auth_key: abc123
state: query
org_name: YourOrg
net_name: YourNet
service: ICMP
delegate_to: localhost
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | |
|---|---|---|---|
| data
complex
|
info |
List of network services.
|
|
| access
string
|
success |
Access assigned to a service type.
Sample:
unrestricted
|
|
| allowed_ips
string
|
success |
List of IP addresses to have access to service.
Sample:
192.0.1.0
|
|
| service
string
|
success |
Service to apply policy to.
Sample:
ICMP
|
|
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Kevin Breit (@kbreit)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/meraki_firewalled_services_module.html