W3cubDocs

/Ansible 2.10

cisco.meraki.meraki_ms_access_list – Manage access lists for Meraki switches in the Meraki cloud

Note

This plugin is part of the cisco.meraki collection.

To install it use: ansible-galaxy collection install cisco.meraki.

To use it in a playbook, specify: cisco.meraki.meraki_ms_access_list.

New in version 0.1.0: of cisco.meraki

Synopsis

  • Configure and query information about access lists on Meraki switches within the Meraki cloud.

Parameters

Parameter Choices/Defaults Comments
auth_key
string / required
Authentication key provided by the dashboard. Required if environmental variable MERAKI_KEY is not set.
host
string
Default:
"api.meraki.com"
Hostname for Meraki dashboard.
Can be used to access regional Meraki environments, such as China.
internal_error_retry_time
integer
Default:
60
Number of seconds to retry if server returns an internal server error.
net_id
string
ID of network which configuration is applied to.
net_name
string
Name of network which configuration is applied to.

aliases: network
org_id
string
ID of organization.
org_name
string
Name of organization.

aliases: organization
output_format
string
    Choices:
  • snakecase
  • camelcase
Instructs module whether response keys should be snake case (ex. net_id) or camel case (ex. netId).
output_level
string
    Choices:
  • debug
  • normal
Set amount of debug output during module execution.
rate_limit_retry_time
integer
Default:
165
Number of seconds to retry if rate limiter is triggered.
rules
list / elements=dictionary
List of access control rules.
comment
string
Description of the rule.
dst_cidr
string
CIDR notation of source IP address to match.
dst_port
string
Port number of destination port to match.
May be a port number or 'any'.
ip_version
string
    Choices:
  • any
  • ipv4
  • ipv6
Type of IP packets to match.
policy
string
    Choices:
  • allow
  • deny
Action to take on matching traffic.
protocol
string
    Choices:
  • any
  • tcp
  • udp
Type of protocol to match.
src_cidr
string
CIDR notation of source IP address to match.
src_port
string
Port number of source port to match.
May be a port number or 'any'.
vlan
string
Incoming traffic VLAN.
May be any port between 1-4095 or 'any'.
state
string
    Choices:
  • absent
  • present
  • query
Specifies whether object should be queried, created/modified, or removed.
timeout
integer
Default:
30
Time to timeout for HTTP requests.
use_https
boolean
    Choices:
  • no
  • yes
If no, it will use HTTP. Otherwise it will use HTTPS.
Only useful for internal Meraki developers.
use_proxy
boolean
    Choices:
  • no
  • yes
If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.
validate_certs
boolean
    Choices:
  • no
  • yes
Whether to validate HTTP certificates.

Notes

Note

  • Some of the options are likely only used for developers within Meraki.
  • More information about the Meraki API can be found at https://dashboard.meraki.com/api_docs.
  • Some of the options are likely only used for developers within Meraki.
  • As of Ansible 2.9, Meraki modules output keys as snake case. To use camel case, set the ANSIBLE_MERAKI_FORMAT environment variable to camelcase.
  • Ansible’s Meraki modules will stop supporting camel case output in Ansible 2.13. Please update your playbooks.
  • Check Mode downloads the current configuration from the dashboard, then compares changes against this download. Check Mode will report changed if there are differences in the configurations, but does not submit changes to the API for validation of change.

Examples

- name: Set access list
  meraki_switch_access_list:
    auth_key: abc123
    state: present
    org_name: YourOrg
    net_name: YourNet
    rules:
      - comment: Fake rule
        policy: allow
        ip_version: ipv4
        protocol: udp
        src_cidr: 192.0.1.0/24
        src_port: "4242"
        dst_cidr: 1.2.3.4/32
        dst_port: "80"
        vlan: "100"
  delegate_to: localhost

- name: Query access lists
  meraki_switch_access_list:
    auth_key: abc123
    state: query
    org_name: YourOrg
    net_name: YourNet
  delegate_to: localhost

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
data
complex
success
List of administrators.
rules
list / elements=string
success
List of access control rules.
comment
string
success
Description of the rule.

Sample:
User rule
dst_cidr
string
success
CIDR notation of source IP address to match.

Sample:
1.2.3.4/32
dst_port
string
success
Port number of destination port to match.

Sample:
80
ip_version
string
success
Type of IP packets to match.

Sample:
ipv4
policy
string
success
Action to take on matching traffic.

Sample:
allow
protocol
string
success
Type of protocol to match.

Sample:
udp
src_cidr
string
success
CIDR notation of source IP address to match.

Sample:
192.0.1.0/24
src_port
string
success
Port number of source port to match.

Sample:
1234
vlan
string
success
Incoming traffic VLAN.

Sample:
100


Authors

  • Kevin Breit (@kbreit)

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/cisco/meraki/meraki_ms_access_list_module.html