`_ (version 2.20.7). To install it, use: :code:`ansible-galaxy collection install cisco.meraki`. To use it in a playbook, specify: :code:`cisco.meraki.meraki_mx_intrusion_prevention`. .. version_added .. contents:: :local: :depth: 1 .. Deprecated DEPRECATED ---------- :Removed in: version 3.0.0 :Why: Updated modules released with increased functionality :Alternative: cisco.meraki.organizations\_appliance\_security\_intrusion and cisco.meraki.networks\_appliance\_security\_intrusion Synopsis -------- .. Description - Allows for management of intrusion prevention rules networks within Meraki MX networks. .. Aliases .. Requirements .. Options Parameters ---------- .. rst-class:: ansible-option-table .. list-table:: :width: 100% :widths: auto :header-rows: 1 * - Parameter - Comments * - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-allowed_rules: .. rst-class:: ansible-option-title **allowed_rules** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`list` / :ansible-option-elements:`elements=dictionary` .. raw:: html

- .. raw:: html

List of IDs related to rules which are allowed for the organization. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-allowed_rules/rule_id: .. rst-class:: ansible-option-title **rule_id** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

ID of rule as defined by Snort. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-allowed_rules/message_rule: .. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-allowed_rules/rule_message: .. rst-class:: ansible-option-title **rule_message** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-aliases:`aliases: message_rule` .. rst-class:: ansible-option-type-line :ansible-option-type:`string` :ansible-option-versionadded:`added in cisco.meraki 2.3.0` .. raw:: html

- .. raw:: html

Description of rule. This is overwritten by the API. Formerly \ :literal:`message\_rule`\ which was deprecated but still maintained as an alias. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-auth_key: .. rst-class:: ansible-option-title **auth_key** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` / :ansible-option-required:`required` .. raw:: html

- .. raw:: html

Authentication key provided by the dashboard. Required if environmental variable \ :literal:`MERAKI\_KEY`\ is not set. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-host: .. rst-class:: ansible-option-title **host** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Hostname for Meraki dashboard. Can be used to access regional Meraki environments, such as China. .. rst-class:: ansible-option-line :ansible-option-default-bold:`Default:` :ansible-option-default:`"api.meraki.com"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-ids_rulesets: .. rst-class:: ansible-option-title **ids_rulesets** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Ruleset complexity setting. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`"connectivity"` - :ansible-option-choices-entry:`"balanced"` - :ansible-option-choices-entry:`"security"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-internal_error_retry_time: .. rst-class:: ansible-option-title **internal_error_retry_time** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html

- .. raw:: html

Number of seconds to retry if server returns an internal server error. .. rst-class:: ansible-option-line :ansible-option-default-bold:`Default:` :ansible-option-default:`60` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-mode: .. rst-class:: ansible-option-title **mode** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Operational mode of Intrusion Prevention system. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`"detection"` - :ansible-option-choices-entry:`"disabled"` - :ansible-option-choices-entry:`"prevention"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-net_id: .. rst-class:: ansible-option-title **net_id** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

ID number of a network. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-name: .. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-net_name: .. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-network: .. rst-class:: ansible-option-title **net_name** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-aliases:`aliases: name, network` .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Name of a network. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-org_id: .. rst-class:: ansible-option-title **org_id** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

ID of organization. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-org_name: .. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-organization: .. rst-class:: ansible-option-title **org_name** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-aliases:`aliases: organization` .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Name of organization. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-output_format: .. rst-class:: ansible-option-title **output_format** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Instructs module whether response keys should be snake case (ex. \ :literal:`net\_id`\ ) or camel case (ex. \ :literal:`netId`\ ). .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry-default:`"snakecase"` :ansible-option-choices-default-mark:`← (default)` - :ansible-option-choices-entry:`"camelcase"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-output_level: .. rst-class:: ansible-option-title **output_level** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Set amount of debug output during module execution. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`"debug"` - :ansible-option-choices-entry-default:`"normal"` :ansible-option-choices-default-mark:`← (default)` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-protected_networks: .. rst-class:: ansible-option-title **protected_networks** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`dictionary` .. raw:: html

- .. raw:: html

Set included/excluded networks for Intrusion Prevention. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-protected_networks/excluded_cidr: .. rst-class:: ansible-option-title **excluded_cidr** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`list` / :ansible-option-elements:`elements=string` .. raw:: html

- .. raw:: html

List of network IP ranges to exclude from scanning. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-protected_networks/included_cidr: .. rst-class:: ansible-option-title **included_cidr** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`list` / :ansible-option-elements:`elements=string` .. raw:: html

- .. raw:: html

List of network IP ranges to include in scanning. .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-protected_networks/use_default: .. rst-class:: ansible-option-title **use_default** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Whether to use special IPv4 addresses per RFC 5735. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-rate_limit_retry_time: .. rst-class:: ansible-option-title **rate_limit_retry_time** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html

- .. raw:: html

Number of seconds to retry if rate limiter is triggered. .. rst-class:: ansible-option-line :ansible-option-default-bold:`Default:` :ansible-option-default:`165` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-state: .. rst-class:: ansible-option-title **state** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Create or modify an organization. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`"absent"` - :ansible-option-choices-entry-default:`"present"` :ansible-option-choices-default-mark:`← (default)` - :ansible-option-choices-entry:`"query"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-timeout: .. rst-class:: ansible-option-title **timeout** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html

- .. raw:: html

Time to timeout for HTTP requests. .. rst-class:: ansible-option-line :ansible-option-default-bold:`Default:` :ansible-option-default:`30` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-use_https: .. rst-class:: ansible-option-title **use_https** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

If \ :literal:`no`\ , it will use HTTP. Otherwise it will use HTTPS. Only useful for internal Meraki developers. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry-default:`true` :ansible-option-choices-default-mark:`← (default)` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-use_proxy: .. rst-class:: ansible-option-title **use_proxy** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

If \ :literal:`no`\ , it will not use a proxy, even if one is defined in an environment variable on the target hosts. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry-default:`false` :ansible-option-choices-default-mark:`← (default)` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__parameter-validate_certs: .. rst-class:: ansible-option-title **validate_certs** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Whether to validate HTTP certificates. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry-default:`true` :ansible-option-choices-default-mark:`← (default)` .. raw:: html

.. Attributes .. Notes Notes ----- .. note:: - More information about the Meraki API can be found at \ https://dashboard.meraki.com/api_docs\ . - Some of the options are likely only used for developers within Meraki. - As of Ansible 2.9, Meraki modules output keys as snake case. To use camel case, set the \ :literal:`ANSIBLE\_MERAKI\_FORMAT`\ environment variable to \ :literal:`camelcase`\ . - Ansible's Meraki modules will stop supporting camel case output in Ansible 2.13. Please update your playbooks. - Check Mode downloads the current configuration from the dashboard, then compares changes against this download. Check Mode will report changed if there are differences in the configurations, but does not submit changes to the API for validation of change. .. Seealso .. Examples Examples -------- .. code-block:: yaml+jinja - name: Set whitelist for organization meraki_intrusion_prevention: auth_key: '{{ auth_key }}' state: present org_id: '{{ test_org_id }}' allowed_rules: - rule_id: "meraki:intrusion/snort/GID/01/SID/5805" rule_message: Test rule delegate_to: localhost - name: Query IPS info for organization meraki_intrusion_prevention: auth_key: '{{ auth_key }}' state: query org_name: '{{ test_org_name }}' delegate_to: localhost register: query_org - name: Set full ruleset with check mode meraki_intrusion_prevention: auth_key: '{{ auth_key }}' state: present org_name: '{{ test_org_name }}' net_name: '{{ test_net_name }} - IPS' mode: prevention ids_rulesets: security protected_networks: use_default: true included_cidr: - 192.0.1.0/24 excluded_cidr: - 10.0.1.0/24 delegate_to: localhost - name: Clear rules from organization meraki_intrusion_prevention: auth_key: '{{ auth_key }}' state: absent org_name: '{{ test_org_name }}' allowed_rules: [] delegate_to: localhost .. Facts .. Return values Return Values ------------- Common return values are documented :ref:`here `, the following are the fields unique to this module: .. rst-class:: ansible-option-table .. list-table:: :width: 100% :widths: auto :header-rows: 1 * - Key - Description * - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__return-data: .. rst-class:: ansible-option-title **data** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`complex` .. raw:: html

- .. raw:: html

Information about the Threat Protection settings. .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` success .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__return-data/idsrulesets: .. rst-class:: ansible-option-title **idsRulesets** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Setting of selected ruleset. .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` success, when network is queried or modified .. rst-class:: ansible-option-line .. rst-class:: ansible-option-sample :ansible-option-sample-bold:`Sample:` :ansible-rv-sample-value:`"balanced"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__return-data/mode: .. rst-class:: ansible-option-title **mode** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Enabled setting of intrusion prevention. .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` success, when network is queried or modified .. rst-class:: ansible-option-line .. rst-class:: ansible-option-sample :ansible-option-sample-bold:`Sample:` :ansible-rv-sample-value:`"enabled"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__return-data/protectednetworks: .. rst-class:: ansible-option-title **protectedNetworks** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`complex` .. raw:: html

- .. raw:: html

Networks protected by IPS. .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` success, when network is queried or modified .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__return-data/protectednetworks/excludedcidr: .. rst-class:: ansible-option-title **excludedCidr** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

List of CIDR notiation networks to exclude from protection. .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` success, when network is queried or modified .. rst-class:: ansible-option-line .. rst-class:: ansible-option-sample :ansible-option-sample-bold:`Sample:` :ansible-rv-sample-value:`"192.0.1.0/24"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__return-data/protectednetworks/includedcidr: .. rst-class:: ansible-option-title **includedCidr** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

List of CIDR notiation networks to protect. .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` success, when network is queried or modified .. rst-class:: ansible-option-line .. rst-class:: ansible-option-sample :ansible-option-sample-bold:`Sample:` :ansible-rv-sample-value:`"192.0.1.0/24"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__return-data/protectednetworks/usedefault: .. rst-class:: ansible-option-title **useDefault** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Whether to use special IPv4 addresses. .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` success, when network is queried or modified .. rst-class:: ansible-option-line .. rst-class:: ansible-option-sample :ansible-option-sample-bold:`Sample:` :ansible-rv-sample-value:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__return-data/whitelistedrules: .. rst-class:: ansible-option-title **whitelistedRules** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`complex` .. raw:: html

- .. raw:: html

List of whitelisted IPS rules. .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` success, when organization is queried or modified .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__return-data/whitelistedrules/rule_message: .. rst-class:: ansible-option-title **rule_message** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Description of rule. .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` success, when organization is queried or modified .. rst-class:: ansible-option-line .. rst-class:: ansible-option-sample :ansible-option-sample-bold:`Sample:` :ansible-rv-sample-value:`"MALWARE-OTHER Trackware myway speedbar runtime detection - switch engines"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.cisco.meraki.meraki_mx_intrusion_prevention_module__return-data/whitelistedrules/ruleid: .. rst-class:: ansible-option-title **ruleId** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

A rule identifier for an IPS rule. .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` success, when organization is queried or modified .. rst-class:: ansible-option-line .. rst-class:: ansible-option-sample :ansible-option-sample-bold:`Sample:` :ansible-rv-sample-value:`"meraki:intrusion/snort/GID/01/SID/5805"` .. raw:: html

.. Status (Presently only deprecated) Status ------ .. Deprecated note - This module will be removed in version 3.0.0. *[deprecated]* - For more information see `DEPRECATED`_. .. Authors Authors ~~~~~~~ - Kevin Breit (@kbreit) .. Extra links Collection links ~~~~~~~~~~~~~~~~ .. raw:: html

Issue Tracker Repository (Sources)

.. Parsing errors