cisco / cisco.meraki / 2.18.0 / module / networks_appliance_firewall_inbound_firewall_rules Resource module for networks _appliance _firewall _inboundfirewallrules | "added in version" 2.16.0 of cisco.meraki" Authors: Francisco Munoz (@fmunoz) This plugin has a corresponding action plugin.cisco.meraki.networks_appliance_firewall_inbound_firewall_rules (2.18.0) — module
Install with ansible-galaxy collection install cisco.meraki:==2.18.0
collections: - name: cisco.meraki version: 2.18.0
Manage operation update of the resource networks _appliance _firewall _inboundfirewallrules.
Update the inbound firewall rules of an MX network.
- name: Update all cisco.meraki.networks_appliance_firewall_inbound_firewall_rules: meraki_api_key: "{{meraki_api_key}}" meraki_base_url: "{{meraki_base_url}}" meraki_single_request_timeout: "{{meraki_single_request_timeout}}" meraki_certificate_path: "{{meraki_certificate_path}}" meraki_requests_proxy: "{{meraki_requests_proxy}}" meraki_wait_on_rate_limit: "{{meraki_wait_on_rate_limit}}" meraki_nginx_429_retry_wait_time: "{{meraki_nginx_429_retry_wait_time}}" meraki_action_batch_retry_wait_time: "{{meraki_action_batch_retry_wait_time}}" meraki_retry_4xx_error: "{{meraki_retry_4xx_error}}" meraki_retry_4xx_error_wait_time: "{{meraki_retry_4xx_error_wait_time}}" meraki_maximum_retries: "{{meraki_maximum_retries}}" meraki_output_log: "{{meraki_output_log}}" meraki_log_file_prefix: "{{meraki_log_file_prefix}}" meraki_log_path: "{{meraki_log_path}}" meraki_print_console: "{{meraki_print_console}}" meraki_suppress_logging: "{{meraki_suppress_logging}}" meraki_simulate: "{{meraki_simulate}}" meraki_be_geo_id: "{{meraki_be_geo_id}}" meraki_use_iterator_for_get_pages: "{{meraki_use_iterator_for_get_pages}}" meraki_inherit_logging_config: "{{meraki_inherit_logging_config}}" state: present networkId: string rules: - comment: Allow TCP traffic to subnet with HTTP servers. destCidr: 192.168.1.0/24 destPort: '443' policy: allow protocol: tcp srcCidr: Any srcPort: Any syslogEnabled: false syslogDefaultRule: true
rules: description: An ordered array of the firewall rules (not including the default rule). elements: dict suboptions: comment: description: Description of the rule (optional). type: str destCidr: description: Comma-separated list of destination IP address(es) (in IP or CIDR notation), fully-qualified domain names (FQDN) or 'any'. type: str destPort: description: Comma-separated list of destination port(s) (integer in the range 1-65535), or 'any'. type: str policy: description: '''allow'' or ''deny'' traffic specified by this rule.' type: str protocol: description: The type of protocol (must be 'tcp', 'udp', 'icmp', 'icmp6' or 'any'). type: str srcCidr: description: Comma-separated list of source IP address(es) (in IP or CIDR notation), or 'any' (note FQDN not supported for source addresses). type: str srcPort: description: Comma-separated list of source port(s) (integer in the range 1-65535), or 'any'. type: str syslogEnabled: description: Log this rule to syslog (true or false, boolean value) - only applicable if a syslog has been configured (optional). type: bool type: list networkId: description: NetworkId path parameter. Network ID. type: str meraki_caller: default: '' description: - meraki_caller (string), optional identifier for API usage tracking; can also be set as an environment variable MERAKI_PYTHON_SDK_CALLER type: str meraki_api_key: description: - meraki_api_key (string), API key generated in dashboard; can also be set as an environment variable MERAKI_DASHBOARD_API_KEY required: true type: str meraki_base_url: default: https://api.meraki.com/api/v1 description: - meraki_base_url (string), preceding all endpoint resources type: str meraki_log_path: default: '' description: - log_path (string), path to output log; by default, working directory of script if not specified type: str meraki_simulate: default: false description: - meraki_simulate (boolean), simulate POST/PUT/DELETE calls to prevent changes? type: bool meraki_be_geo_id: default: '' description: - meraki_be_geo_id (string), optional partner identifier for API usage tracking; can also be set as an environment variable BE_GEO_ID type: str meraki_output_log: default: true description: - meraki_output_log (boolean), create an output log file? type: bool syslogDefaultRule: description: Log the special default rule (boolean value - enable only if you've configured a syslog server) (optional). type: bool meraki_print_console: default: true description: - meraki_print_console (boolean), print logging output to console? type: bool meraki_requests_proxy: default: '' description: - meraki_requests_proxy (string), proxy server and port, if needed, for HTTPS type: str meraki_log_file_prefix: default: meraki_api_ description: - meraki_log_file_prefix (string), log file name appended with date and timestamp type: str meraki_maximum_retries: default: 2 description: - meraki_maximum_retries (integer), retry up to this many times when encountering 429s or other server-side errors type: int meraki_retry_4xx_error: default: false description: - meraki_retry_4xx_error (boolean), retry if encountering other 4XX error (besides 429)? type: bool meraki_certificate_path: default: '' description: - meraki_certificate_path (string), path for TLS/SSL certificate verification if behind local proxy type: str meraki_suppress_logging: default: false description: - meraki_suppress_logging (boolean), disable all logging? you're on your own then! type: bool meraki_wait_on_rate_limit: default: true description: - meraki_wait_on_rate_limit (boolean), retry if 429 rate limit error encountered? type: bool meraki_inherit_logging_config: default: false description: - meraki_inherit_logging_config (boolean), Inherits your own logger instance type: bool meraki_single_request_timeout: default: 60 description: - meraki_single_request_timeout (integer), maximum number of seconds for each API call type: int meraki_nginx_429_retry_wait_time: default: 60 description: - meraki_nginx_429_retry_wait_time (integer), Nginx 429 retry wait time type: int meraki_retry_4xx_error_wait_time: default: 60 description: - meraki_retry_4xx_error_wait_time (integer), other 4XX error retry wait time type: int meraki_use_iterator_for_get_pages: default: false description: - meraki_use_iterator_for_get_pages (boolean), list* methods will return an iterator with each object instead of a complete list with all items type: bool meraki_action_batch_retry_wait_time: default: 60 description: - meraki_action_batch_retry_wait_time (integer), action batch concurrency error retry wait time type: int
meraki_response: description: A dictionary or list with the response returned by the Cisco Meraki Python SDK returned: always sample: "{\n \"rules\": [\n {\n \"comment\": \"string\",\n \"destCidr\"\ : \"string\",\n \"destPort\": \"string\",\n \"policy\": \"string\",\n\ \ \"protocol\": \"string\",\n \"srcCidr\": \"string\",\n \"srcPort\"\ : \"string\",\n \"syslogEnabled\": true\n }\n ],\n \"syslogDefaultRule\"\ : true\n}\n" type: dict