meraki_firewalled_services – Edit firewall policies for administrative network services
New in version 2.9.
Synopsis
- Allows for setting policy firewalled services for Meraki network devices.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| access string |
| Network service to query or modify. |
| allowed_ips list | List of IP addresses allowed to access a service. Only used when access is set to restricted. | |
| auth_key string / required | Authentication key provided by the dashboard. Required if environmental variable MERAKI_KEY is not set. | |
| host string | Default: "api.meraki.com" | Hostname for Meraki dashboard. Can be used to access regional Meraki environments, such as China. |
| internal_error_retry_time integer | Default: 60 | Number of seconds to retry if server returns an internal server error. |
| net_id string | ID number of a network. | |
| net_name string | Name of a network. aliases: network | |
| org_id string | ID of organization associated to a network. | |
| org_name string | Name of organization associated to a network. aliases: organization | |
| output_format string |
| Instructs module whether response keys should be snake case (ex. net_id) or camel case (ex. netId). |
| output_level string |
| Set amount of debug output during module execution. |
| rate_limit_retry_time integer | Default: 165 | Number of seconds to retry if rate limiter is triggered. |
| service string |
| Network service to query or modify. |
| state string |
| States that a policy should be created or modified. |
| timeout integer | Default: 30 | Time to timeout for HTTP requests. |
| use_https boolean |
| If no, it will use HTTP. Otherwise it will use HTTPS.Only useful for internal Meraki developers. |
| use_proxy boolean |
| If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts. |
| validate_certs boolean |
| Whether to validate HTTP certificates. |
Notes
Note
- More information about the Meraki API can be found at https://dashboard.meraki.com/api_docs.
- Some of the options are likely only used for developers within Meraki.
- As of Ansible 2.9, Meraki modules output keys as snake case. To use camel case, set the
ANSIBLE_MERAKI_FORMATenvironment variable tocamelcase. - Ansible’s Meraki modules will stop supporting camel case output in Ansible 2.13. Please update your playbooks.
Examples
- name: Set icmp service to blocked
meraki_firewalled_services:
auth_key: '{{ auth_key }}'
state: present
org_name: '{{test_org_name}}'
net_name: IntTestNetworkAppliance
service: ICMP
access: blocked
delegate_to: localhost
- name: Set icmp service to restricted
meraki_firewalled_services:
auth_key: abc123
state: present
org_name: YourOrg
net_name: YourNet
service: web
access: restricted
allowed_ips:
- 192.0.1.1
- 192.0.1.2
delegate_to: localhost
- name: Query appliance services
meraki_firewalled_services:
auth_key: abc123
state: query
org_name: YourOrg
net_name: YourNet
delegate_to: localhost
- name: Query services
meraki_firewalled_services:
auth_key: abc123
state: query
org_name: YourOrg
net_name: YourNet
service: ICMP
delegate_to: localhost
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | |
|---|---|---|---|
| data complex | info | List of network services. | |
| access string | success | Access assigned to a service type. Sample: unrestricted | |
| allowed_ips string | success | List of IP addresses to have access to service. Sample: 192.0.1.0 | |
| service string | success | Service to apply policy to. Sample: ICMP | |
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Kevin Breit (@kbreit)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/meraki_firewalled_services_module.html