Docs4dev
Docs
ansible / latest / collections / cisco / meraki / meraki_firewalled_services_module.html

cisco.meraki.meraki_firewalled_services – Edit firewall policies for administrative network services

Note

This plugin is part of the cisco.meraki collection (version 2.5.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.meraki.

To use it in a playbook, specify: cisco.meraki.meraki_firewalled_services.

Synopsis

  • Allows for setting policy firewalled services for Meraki network devices.

Parameters

Parameter Choices/Defaults Comments
access
string
    Choices:
  • blocked
  • restricted
  • unrestricted
Network service to query or modify.
allowed_ips
list / elements=string
List of IP addresses allowed to access a service.
Only used when access is set to restricted.
auth_key
string / required
Authentication key provided by the dashboard. Required if environmental variable MERAKI_KEY is not set.
host
string
Default:
"api.meraki.com"
Hostname for Meraki dashboard.
Can be used to access regional Meraki environments, such as China.
internal_error_retry_time
integer
Default:
60
Number of seconds to retry if server returns an internal server error.
net_id
string
ID number of a network.
net_name
string
Name of a network.

aliases: network
org_id
string
ID of organization associated to a network.
org_name
string
Name of organization associated to a network.

aliases: organization
output_format
string
    Choices:
  • snakecase
  • camelcase
Instructs module whether response keys should be snake case (ex. net_id) or camel case (ex. netId).
output_level
string
    Choices:
  • debug
  • normal
Set amount of debug output during module execution.
rate_limit_retry_time
integer
Default:
165
Number of seconds to retry if rate limiter is triggered.
service
string
    Choices:
  • ICMP
  • SNMP
  • web
Network service to query or modify.
state
string
    Choices:
  • present
  • query
States that a policy should be created or modified.
timeout
integer
Default:
30
Time to timeout for HTTP requests.
use_https
boolean
    Choices:
  • no
  • yes
If no, it will use HTTP. Otherwise it will use HTTPS.
Only useful for internal Meraki developers.
use_proxy
boolean
    Choices:
  • no
  • yes
If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.
validate_certs
boolean
    Choices:
  • no
  • yes
Whether to validate HTTP certificates.

Notes

Note

  • More information about the Meraki API can be found at https://dashboard.meraki.com/api_docs.
  • Some of the options are likely only used for developers within Meraki.
  • As of Ansible 2.9, Meraki modules output keys as snake case. To use camel case, set the ANSIBLE_MERAKI_FORMAT environment variable to camelcase.
  • Ansible’s Meraki modules will stop supporting camel case output in Ansible 2.13. Please update your playbooks.
  • Check Mode downloads the current configuration from the dashboard, then compares changes against this download. Check Mode will report changed if there are differences in the configurations, but does not submit changes to the API for validation of change.

Examples

- name: Set icmp service to blocked
  meraki_firewalled_services:
    auth_key: '{{ auth_key }}'
    state: present
    org_name: '{{test_org_name}}'
    net_name: IntTestNetworkAppliance
    service: ICMP
    access: blocked
  delegate_to: localhost

- name: Set icmp service to restricted
  meraki_firewalled_services:
    auth_key: abc123
    state: present
    org_name: YourOrg
    net_name: YourNet
    service: web
    access: restricted
    allowed_ips:
      - 192.0.1.1
      - 192.0.1.2
  delegate_to: localhost

- name: Query appliance services
  meraki_firewalled_services:
    auth_key: abc123
    state: query
    org_name: YourOrg
    net_name: YourNet
  delegate_to: localhost

- name: Query services
  meraki_firewalled_services:
    auth_key: abc123
    state: query
    org_name: YourOrg
    net_name: YourNet
    service: ICMP
  delegate_to: localhost

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
data
complex
info
List of network services.

access
string
success
Access assigned to a service type.

Sample:
unrestricted
allowed_ips
string
success
List of IP addresses to have access to service.

Sample:
192.0.1.0
service
string
success
Service to apply policy to.

Sample:
ICMP


Authors

  • Kevin Breit (@kbreit)

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/cisco/meraki/meraki_firewalled_services_module.html