cisco / cisco.meraki / 2.18.0 / module / networks_appliance_security_intrusion Resource module for networks _appliance _security _intrusion | "added in version" 2.16.0 of cisco.meraki" Authors: Francisco Munoz (@fmunoz) This plugin has a corresponding action plugin.cisco.meraki.networks_appliance_security_intrusion (2.18.0) — module
Install with ansible-galaxy collection install cisco.meraki:==2.18.0
collections: - name: cisco.meraki version: 2.18.0
Manage operation update of the resource networks _appliance _security _intrusion.
Set the supported intrusion settings for an MX network.
- name: Update all cisco.meraki.networks_appliance_security_intrusion: meraki_api_key: "{{meraki_api_key}}" meraki_base_url: "{{meraki_base_url}}" meraki_single_request_timeout: "{{meraki_single_request_timeout}}" meraki_certificate_path: "{{meraki_certificate_path}}" meraki_requests_proxy: "{{meraki_requests_proxy}}" meraki_wait_on_rate_limit: "{{meraki_wait_on_rate_limit}}" meraki_nginx_429_retry_wait_time: "{{meraki_nginx_429_retry_wait_time}}" meraki_action_batch_retry_wait_time: "{{meraki_action_batch_retry_wait_time}}" meraki_retry_4xx_error: "{{meraki_retry_4xx_error}}" meraki_retry_4xx_error_wait_time: "{{meraki_retry_4xx_error_wait_time}}" meraki_maximum_retries: "{{meraki_maximum_retries}}" meraki_output_log: "{{meraki_output_log}}" meraki_log_file_prefix: "{{meraki_log_file_prefix}}" meraki_log_path: "{{meraki_log_path}}" meraki_print_console: "{{meraki_print_console}}" meraki_suppress_logging: "{{meraki_suppress_logging}}" meraki_simulate: "{{meraki_simulate}}" meraki_be_geo_id: "{{meraki_be_geo_id}}" meraki_use_iterator_for_get_pages: "{{meraki_use_iterator_for_get_pages}}" meraki_inherit_logging_config: "{{meraki_inherit_logging_config}}" state: present idsRulesets: balanced mode: prevention networkId: string protectedNetworks: excludedCidr: - 10.0.0.0/8 - 127.0.0.0/8 includedCidr: - 10.0.0.0/8 - 127.0.0.0/8 - 169.254.0.0/16 - 172.16.0.0/12 useDefault: false
mode: description: Set mode to 'disabled'/'detection'/'prevention' (optional - omitting will leave current config unchanged). type: str networkId: description: NetworkId path parameter. Network ID. type: str idsRulesets: description: Set the detection ruleset 'connectivity'/'balanced'/'security' (optional - omitting will leave current config unchanged). Default value is 'balanced' if none currently saved. type: str meraki_caller: default: '' description: - meraki_caller (string), optional identifier for API usage tracking; can also be set as an environment variable MERAKI_PYTHON_SDK_CALLER type: str meraki_api_key: description: - meraki_api_key (string), API key generated in dashboard; can also be set as an environment variable MERAKI_DASHBOARD_API_KEY required: true type: str meraki_base_url: default: https://api.meraki.com/api/v1 description: - meraki_base_url (string), preceding all endpoint resources type: str meraki_log_path: default: '' description: - log_path (string), path to output log; by default, working directory of script if not specified type: str meraki_simulate: default: false description: - meraki_simulate (boolean), simulate POST/PUT/DELETE calls to prevent changes? type: bool meraki_be_geo_id: default: '' description: - meraki_be_geo_id (string), optional partner identifier for API usage tracking; can also be set as an environment variable BE_GEO_ID type: str meraki_output_log: default: true description: - meraki_output_log (boolean), create an output log file? type: bool protectedNetworks: description: Set the included/excluded networks from the intrusion engine (optional - omitting will leave current config unchanged). This is available only in 'passthrough' mode. suboptions: excludedCidr: description: List of IP addresses or subnets being excluded from protection (required if 'useDefault' is false). elements: str type: list includedCidr: description: List of IP addresses or subnets being protected (required if 'useDefault' is false). elements: str type: list useDefault: description: True/false whether to use special IPv4 addresses https //tools.ietf.org/html/rfc5735 (required). Default value is true if none currently saved. type: bool type: dict meraki_print_console: default: true description: - meraki_print_console (boolean), print logging output to console? type: bool meraki_requests_proxy: default: '' description: - meraki_requests_proxy (string), proxy server and port, if needed, for HTTPS type: str meraki_log_file_prefix: default: meraki_api_ description: - meraki_log_file_prefix (string), log file name appended with date and timestamp type: str meraki_maximum_retries: default: 2 description: - meraki_maximum_retries (integer), retry up to this many times when encountering 429s or other server-side errors type: int meraki_retry_4xx_error: default: false description: - meraki_retry_4xx_error (boolean), retry if encountering other 4XX error (besides 429)? type: bool meraki_certificate_path: default: '' description: - meraki_certificate_path (string), path for TLS/SSL certificate verification if behind local proxy type: str meraki_suppress_logging: default: false description: - meraki_suppress_logging (boolean), disable all logging? you're on your own then! type: bool meraki_wait_on_rate_limit: default: true description: - meraki_wait_on_rate_limit (boolean), retry if 429 rate limit error encountered? type: bool meraki_inherit_logging_config: default: false description: - meraki_inherit_logging_config (boolean), Inherits your own logger instance type: bool meraki_single_request_timeout: default: 60 description: - meraki_single_request_timeout (integer), maximum number of seconds for each API call type: int meraki_nginx_429_retry_wait_time: default: 60 description: - meraki_nginx_429_retry_wait_time (integer), Nginx 429 retry wait time type: int meraki_retry_4xx_error_wait_time: default: 60 description: - meraki_retry_4xx_error_wait_time (integer), other 4XX error retry wait time type: int meraki_use_iterator_for_get_pages: default: false description: - meraki_use_iterator_for_get_pages (boolean), list* methods will return an iterator with each object instead of a complete list with all items type: bool meraki_action_batch_retry_wait_time: default: 60 description: - meraki_action_batch_retry_wait_time (integer), action batch concurrency error retry wait time type: int
meraki_response: description: A dictionary or list with the response returned by the Cisco Meraki Python SDK returned: always sample: "{\n \"idsRulesets\": \"string\",\n \"mode\": \"string\",\n \"protectedNetworks\"\ : {\n \"excludedCidr\": [\n \"string\"\n ],\n \"includedCidr\":\ \ [\n \"string\"\n ],\n \"useDefault\": true\n }\n}\n" type: dict