`_ (version 2.20.6). To install it, use: :code:`ansible-galaxy collection install cisco.meraki`. To use it in a playbook, specify: :code:`cisco.meraki.meraki_mr_l3_firewall`. .. version_added .. contents:: :local: :depth: 1 .. Deprecated DEPRECATED ---------- :Removed in: version 3.0.0 :Why: Updated modules released with increased functionality :Alternative: cisco.meraki.networks\_appliance\_firewall\_l3\_firewall\_rules Synopsis -------- .. Description - Allows for creation, management, and visibility into layer 3 firewalls implemented on Meraki MR access points. - Module is not idempotent as of current release. .. Aliases .. Requirements .. Options Parameters ---------- .. rst-class:: ansible-option-table .. list-table:: :width: 100% :widths: auto :header-rows: 1 * - Parameter - Comments * - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-allow_lan_access: .. rst-class:: ansible-option-title **allow_lan_access** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Sets whether devices can talk to other devices on the same LAN. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry-default:`true` :ansible-option-choices-default-mark:`← (default)` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-auth_key: .. rst-class:: ansible-option-title **auth_key** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` / :ansible-option-required:`required` .. raw:: html

- .. raw:: html

Authentication key provided by the dashboard. Required if environmental variable \ :literal:`MERAKI\_KEY`\ is not set. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-host: .. rst-class:: ansible-option-title **host** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Hostname for Meraki dashboard. Can be used to access regional Meraki environments, such as China. .. rst-class:: ansible-option-line :ansible-option-default-bold:`Default:` :ansible-option-default:`"api.meraki.com"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-internal_error_retry_time: .. rst-class:: ansible-option-title **internal_error_retry_time** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html

- .. raw:: html

Number of seconds to retry if server returns an internal server error. .. rst-class:: ansible-option-line :ansible-option-default-bold:`Default:` :ansible-option-default:`60` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-net_id: .. rst-class:: ansible-option-title **net_id** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

ID of network containing access points. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-net_name: .. rst-class:: ansible-option-title **net_name** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Name of network containing access points. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-number: .. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-ssid_number: .. rst-class:: ansible-option-title **number** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-aliases:`aliases: ssid_number` .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Number of SSID to apply firewall rule to. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-org_id: .. rst-class:: ansible-option-title **org_id** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

ID of organization. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-org_name: .. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-organization: .. rst-class:: ansible-option-title **org_name** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-aliases:`aliases: organization` .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Name of organization. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-output_format: .. rst-class:: ansible-option-title **output_format** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Instructs module whether response keys should be snake case (ex. \ :literal:`net\_id`\ ) or camel case (ex. \ :literal:`netId`\ ). .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry-default:`"snakecase"` :ansible-option-choices-default-mark:`← (default)` - :ansible-option-choices-entry:`"camelcase"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-output_level: .. rst-class:: ansible-option-title **output_level** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Set amount of debug output during module execution. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`"debug"` - :ansible-option-choices-entry-default:`"normal"` :ansible-option-choices-default-mark:`← (default)` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-rate_limit_retry_time: .. rst-class:: ansible-option-title **rate_limit_retry_time** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html

- .. raw:: html

Number of seconds to retry if rate limiter is triggered. .. rst-class:: ansible-option-line :ansible-option-default-bold:`Default:` :ansible-option-default:`165` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-rules: .. rst-class:: ansible-option-title **rules** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`list` / :ansible-option-elements:`elements=dictionary` .. raw:: html

- .. raw:: html

List of firewall rules. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-rules/comment: .. rst-class:: ansible-option-title **comment** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Optional comment describing the firewall rule. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-rules/dest_cidr: .. rst-class:: ansible-option-title **dest_cidr** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Comma-separated list of CIDR notation networks to match. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-rules/dest_port: .. rst-class:: ansible-option-title **dest_port** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Comma-seperated list of destination ports to match. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-rules/policy: .. rst-class:: ansible-option-title **policy** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Specifies the action that should be taken when rule is hit. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`"allow"` - :ansible-option-choices-entry:`"deny"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-rules/protocol: .. rst-class:: ansible-option-title **protocol** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Specifies protocol to match against. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`"any"` - :ansible-option-choices-entry:`"icmp"` - :ansible-option-choices-entry:`"tcp"` - :ansible-option-choices-entry:`"udp"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-ssid: .. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-ssid_name: .. rst-class:: ansible-option-title **ssid_name** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-aliases:`aliases: ssid` .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Name of SSID to apply firewall rule to. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-state: .. rst-class:: ansible-option-title **state** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Create or modify an organization. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry-default:`"present"` :ansible-option-choices-default-mark:`← (default)` - :ansible-option-choices-entry:`"query"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-timeout: .. rst-class:: ansible-option-title **timeout** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html

- .. raw:: html

Time to timeout for HTTP requests. .. rst-class:: ansible-option-line :ansible-option-default-bold:`Default:` :ansible-option-default:`30` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-use_https: .. rst-class:: ansible-option-title **use_https** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

If \ :literal:`no`\ , it will use HTTP. Otherwise it will use HTTPS. Only useful for internal Meraki developers. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry-default:`true` :ansible-option-choices-default-mark:`← (default)` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-use_proxy: .. rst-class:: ansible-option-title **use_proxy** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

If \ :literal:`no`\ , it will not use a proxy, even if one is defined in an environment variable on the target hosts. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry-default:`false` :ansible-option-choices-default-mark:`← (default)` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mr_l3_firewall_module__parameter-validate_certs: .. rst-class:: ansible-option-title **validate_certs** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Whether to validate HTTP certificates. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry-default:`true` :ansible-option-choices-default-mark:`← (default)` .. raw:: html

.. Attributes .. Notes Notes ----- .. note:: - More information about the Meraki API can be found at \ https://dashboard.meraki.com/api_docs\ . - Some of the options are likely only used for developers within Meraki. - As of Ansible 2.9, Meraki modules output keys as snake case. To use camel case, set the \ :literal:`ANSIBLE\_MERAKI\_FORMAT`\ environment variable to \ :literal:`camelcase`\ . - Ansible's Meraki modules will stop supporting camel case output in Ansible 2.13. Please update your playbooks. - Check Mode downloads the current configuration from the dashboard, then compares changes against this download. Check Mode will report changed if there are differences in the configurations, but does not submit changes to the API for validation of change. .. Seealso .. Examples Examples -------- .. code-block:: yaml+jinja - name: Create single firewall rule meraki_mr_l3_firewall: auth_key: abc123 state: present org_name: YourOrg net_id: 12345 number: 1 rules: - comment: Integration test rule policy: allow protocol: tcp dest_port: 80 dest_cidr: 192.0.2.0/24 allow_lan_access: false delegate_to: localhost - name: Enable local LAN access meraki_mr_l3_firewall: auth_key: abc123 state: present org_name: YourOrg net_id: 123 number: 1 rules: allow_lan_access: true delegate_to: localhost - name: Query firewall rules meraki_mr_l3_firewall: auth_key: abc123 state: query org_name: YourOrg net_name: YourNet number: 1 delegate_to: localhost .. Facts .. Return values .. Status (Presently only deprecated) Status ------ .. Deprecated note - This module will be removed in version 3.0.0. *[deprecated]* - For more information see `DEPRECATED`_. .. Authors Authors ~~~~~~~ - Kevin Breit (@kbreit) .. Extra links Collection links ~~~~~~~~~~~~~~~~ .. raw:: html

Issue Tracker Repository (Sources)

.. Parsing errors