cisco / cisco.meraki / 2.18.0 / module / networks_wireless_ssids Resource module for networks _wireless _ssids | "added in version" 2.16.0 of cisco.meraki" Authors: Francisco Munoz (@fmunoz) This plugin has a corresponding action plugin.cisco.meraki.networks_wireless_ssids (2.18.0) — module
Install with ansible-galaxy collection install cisco.meraki:==2.18.0
collections: - name: cisco.meraki version: 2.18.0
Manage operation update of the resource networks _wireless _ssids.
Update the attributes of an MR SSID.
- name: Update by id cisco.meraki.networks_wireless_ssids: meraki_api_key: "{{meraki_api_key}}" meraki_base_url: "{{meraki_base_url}}" meraki_single_request_timeout: "{{meraki_single_request_timeout}}" meraki_certificate_path: "{{meraki_certificate_path}}" meraki_requests_proxy: "{{meraki_requests_proxy}}" meraki_wait_on_rate_limit: "{{meraki_wait_on_rate_limit}}" meraki_nginx_429_retry_wait_time: "{{meraki_nginx_429_retry_wait_time}}" meraki_action_batch_retry_wait_time: "{{meraki_action_batch_retry_wait_time}}" meraki_retry_4xx_error: "{{meraki_retry_4xx_error}}" meraki_retry_4xx_error_wait_time: "{{meraki_retry_4xx_error_wait_time}}" meraki_maximum_retries: "{{meraki_maximum_retries}}" meraki_output_log: "{{meraki_output_log}}" meraki_log_file_prefix: "{{meraki_log_file_prefix}}" meraki_log_path: "{{meraki_log_path}}" meraki_print_console: "{{meraki_print_console}}" meraki_suppress_logging: "{{meraki_suppress_logging}}" meraki_simulate: "{{meraki_simulate}}" meraki_be_geo_id: "{{meraki_be_geo_id}}" meraki_use_iterator_for_get_pages: "{{meraki_use_iterator_for_get_pages}}" meraki_inherit_logging_config: "{{meraki_inherit_logging_config}}" state: present activeDirectory: credentials: logonName: user password: password servers: - host: 127.0.0.1 port: 3268 adultContentFilteringEnabled: false apTagsAndVlanIds: - tags: - tag1 - tag2 vlanId: 100 authMode: 8021x-radius availabilityTags: - tag1 - tag2 availableOnAllAps: false bandSelection: 5 GHz band only concentratorNetworkId: N_24329156 defaultVlanId: 1 disassociateClientsOnVpnFailover: false dnsRewrite: dnsCustomNameservers: - 8.8.8.8 - 8.8.4.4 enabled: true dot11r: adaptive: true enabled: true dot11w: enabled: true required: false enabled: true encryptionMode: wpa enterpriseAdminAccess: access enabled gre: concentrator: host: 192.168.1.1 key: 5 ipAssignmentMode: NAT mode lanIsolationEnabled: true ldap: baseDistinguishedName: dc=example,dc=com credentials: distinguishedName: cn=user,dc=example,dc=com password: password serverCaCertificate: contents: '-----BEGIN CERTIFICATE----- MIIEKjCCAxKgAwIBAgIRANb+lsED3eb4+6YKLFFYqEkwDQYJKoZIhvcNAQELBQAw gYcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhT YW4gSm9zZTEcMBoGA1UECgwTQ2lzY28gU3lzdGVtcywgSW5jLjESMBAGA1UECwwJ RE5BU3BhY2VzMR4wHAYDVQQDDBVjaXNjby5vcGVucm9hbWluZy5vcmcwHhcNMjAx MTA1MjEzMzM1WhcNMjExMTA1MjIzMzM1WjCBpDEcMBoGCgmSJomT8ixkAQETDGRu YXNwYWNlczpVUzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMQ4wDAYDVQQKEwVD aXNjbzEcMBoGA1UECxMTV0JBOldSSVggRW5kLUVudGl0eTE8MDoGA1UEAxMzNjQ3 MDcwNDM4NDQ5NjQxMjAwMDAuMTg4MzQuaHMuY2lzY28ub3BlbnJvYW1pbmcub3Jn MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqjP9QgRGyUO3p7SH9QK uTq6UYK7nAyjImgS4yQxeBkyZ5f2EUkX8m/AOcewpPxxPBhjPKRwxGeX3S50ksiA ayFomUeslR0S0Z7RN9rzJa+CFyi9MwWIHMbLgXpB8tsSpgTAqwrzoTzOGq9fgC6u pZhdZrBkg3FeJgD88goCi9mZDsY2YAoeGRLFJ2fR8iICqIVQy+Htq9pE22WBLpnS KjL3+mR9FArHNFtWlhKF2YHMUqyHHrnZnF/Ns7QNoMMF7/CK18iAKgnb+2wuGKM aEMddOeOTtz+i/rgjkp/RGMt011EdCsso0/cTo9qqX/bxOOCE4/Mne/ChMkQPnNU CwIDAQABo3IwcDAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFIG+4l5yiB01gP0sw4ML USopqYcuMB0GA1UdDgQWBBSby1T9leYVOVVdOZXiHCSaDDEMiDAOBgNVHQ8BAf8E BAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAEyE 1mjSUyY6uNp6W4l20w7SskALSJDRKkOeZxAgF3VMxlsCuEl70s9oEfntwIpyQtSa jON/9yJHbwm/Az824bmk8Dc7AXIPhay+dftXb8j529gPuYB9AKoPNg0NctkyYCQh a/3YQVdDWX7XgmEiXkL57M7G6+IdcPDONLArfjOcT9qHdkVVq1AIjlMSx3OQQmm/ uoLb/G9q/97QA2/l8shG/Na8HjVqGLcl5TNZdbNhs2w9ogxr/GNzqdvym6RQ8vT/ UR2n+uwH4n1MUxmHYYeyot5dnIV1IJ6hQ54JAncM9HvCLFk1WHz6RKshQUCuPBiJ wTw70BVktzJnb0VLeDg= -----END CERTIFICATE-----' servers: - host: 127.0.0.1 port: 389 localRadius: cacheTimeout: 60 certificateAuthentication: clientRootCaCertificate: contents: '-----BEGIN CERTIFICATE----- MIIEKjCCAxKgAwIBAgIRANb+lsED3eb4+6YKLFFYqEkwDQYJKoZIhvcNAQELBQAw gYcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhT YW4gSm9zZTEcMBoGA1UECgwTQ2lzY28gU3lzdGVtcywgSW5jLjESMBAGA1UECwwJ RE5BU3BhY2VzMR4wHAYDVQQDDBVjaXNjby5vcGVucm9hbWluZy5vcmcwHhcNMjAx MTA1MjEzMzM1WhcNMjExMTA1MjIzMzM1WjCBpDEcMBoGCgmSJomT8ixkAQETDGRu YXNwYWNlczpVUzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMQ4wDAYDVQQKEwVD aXNjbzEcMBoGA1UECxMTV0JBOldSSVggRW5kLUVudGl0eTE8MDoGA1UEAxMzNjQ3 MDcwNDM4NDQ5NjQxMjAwMDAuMTg4MzQuaHMuY2lzY28ub3BlbnJvYW1pbmcub3Jn MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqjP9QgRGyUO3p7SH9QK uTq6UYK7nAyjImgS4yQxeBkyZ5f2EUkX8m/AOcewpPxxPBhjPKRwxGeX3S50ksiA ayFomUeslR0S0Z7RN9rzJa+CFyi9MwWIHMbLgXpB8tsSpgTAqwrzoTzOGq9fgC6u pZhdZrBkg3FeJgD88goCi9mZDsY2YAoeGRLFJ2fR8iICqIVQy+Htq9pE22WBLpnS KjL3+mR9FArHNFtWlhKF2YHMUqyHHrnZnF/Ns7QNoMMF7/CK18iAKgnb+2wuGKM aEMddOeOTtz+i/rgjkp/RGMt011EdCsso0/cTo9qqX/bxOOCE4/Mne/ChMkQPnNU CwIDAQABo3IwcDAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFIG+4l5yiB01gP0sw4ML USopqYcuMB0GA1UdDgQWBBSby1T9leYVOVVdOZXiHCSaDDEMiDAOBgNVHQ8BAf8E BAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAEyE 1mjSUyY6uNp6W4l20w7SskALSJDRKkOeZxAgF3VMxlsCuEl70s9oEfntwIpyQtSa jON/9yJHbwm/Az824bmk8Dc7AXIPhay+dftXb8j529gPuYB9AKoPNg0NctkyYCQh a/3YQVdDWX7XgmEiXkL57M7G6+IdcPDONLArfjOcT9qHdkVVq1AIjlMSx3OQQmm/ uoLb/G9q/97QA2/l8shG/Na8HjVqGLcl5TNZdbNhs2w9ogxr/GNzqdvym6RQ8vT/ UR2n+uwH4n1MUxmHYYeyot5dnIV1IJ6hQ54JAncM9HvCLFk1WHz6RKshQUCuPBiJ wTw70BVktzJnb0VLeDg= -----END CERTIFICATE-----' enabled: true ocspResponderUrl: http://ocsp-server.example.com useLdap: false useOcsp: true passwordAuthentication: enabled: false mandatoryDhcpEnabled: false minBitrate: 5.5 name: My SSID namedVlans: radius: guestVlan: enabled: true name: Guest VLAN tagging: byApTags: - tags: - tag1 - tag2 vlanName: My VLAN defaultVlanName: My VLAN enabled: true networkId: string number: string oauth: allowedDomains: - example.com perClientBandwidthLimitDown: 0 perClientBandwidthLimitUp: 0 perSsidBandwidthLimitDown: 0 perSsidBandwidthLimitUp: 0 psk: deadbeef radiusAccountingEnabled: true radiusAccountingInterimInterval: 5 radiusAccountingServers: - caCertificate: '-----BEGIN CERTIFICATE----- MIIEKjCCAxKgAwIBAgIRANb+lsED3eb4+6YKLFFYqEkwDQYJKoZIhvcNAQELBQAw gYcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhT YW4gSm9zZTEcMBoGA1UECgwTQ2lzY28gU3lzdGVtcywgSW5jLjESMBAGA1UECwwJ RE5BU3BhY2VzMR4wHAYDVQQDDBVjaXNjby5vcGVucm9hbWluZy5vcmcwHhcNMjAx MTA1MjEzMzM1WhcNMjExMTA1MjIzMzM1WjCBpDEcMBoGCgmSJomT8ixkAQETDGRu YXNwYWNlczpVUzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMQ4wDAYDVQQKEwVD aXNjbzEcMBoGA1UECxMTV0JBOldSSVggRW5kLUVudGl0eTE8MDoGA1UEAxMzNjQ3 MDcwNDM4NDQ5NjQxMjAwMDAuMTg4MzQuaHMuY2lzY28ub3BlbnJvYW1pbmcub3Jn MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqjP9QgRGyUO3p7SH9QK uTq6UYK7nAyjImgS4yQxeBkyZ5f2EUkX8m/AOcewpPxxPBhjPKRwxGeX3S50ksiA ayFomUeslR0S0Z7RN9rzJa+CFyi9MwWIHMbLgXpB8tsSpgTAqwrzoTzOGq9fgC6u pZhdZrBkg3FeJgD88goCi9mZDsY2YAoeGRLFJ2fR8iICqIVQy+Htq9pE22WBLpnS KjL3+mR9FArHNFtWlhKF2YHMUqyHHrnZnF/Ns7QNoMMF7/CK18iAKgnb+2wuGKM aEMddOeOTtz+i/rgjkp/RGMt011EdCsso0/cTo9qqX/bxOOCE4/Mne/ChMkQPnNU CwIDAQABo3IwcDAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFIG+4l5yiB01gP0sw4ML USopqYcuMB0GA1UdDgQWBBSby1T9leYVOVVdOZXiHCSaDDEMiDAOBgNVHQ8BAf8E BAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAEyE 1mjSUyY6uNp6W4l20w7SskALSJDRKkOeZxAgF3VMxlsCuEl70s9oEfntwIpyQtSa jON/9yJHbwm/Az824bmk8Dc7AXIPhay+dftXb8j529gPuYB9AKoPNg0NctkyYCQh a/3YQVdDWX7XgmEiXkL57M7G6+IdcPDONLArfjOcT9qHdkVVq1AIjlMSx3OQQmm/ uoLb/G9q/97QA2/l8shG/Na8HjVqGLcl5TNZdbNhs2w9ogxr/GNzqdvym6RQ8vT/ UR2n+uwH4n1MUxmHYYeyot5dnIV1IJ6hQ54JAncM9HvCLFk1WHz6RKshQUCuPBiJ wTw70BVktzJnb0VLeDg= -----END CERTIFICATE-----' host: 0.0.0.0 port: 3000 radsecEnabled: true secret: secret-string radiusAttributeForGroupPolicies: Filter-Id radiusAuthenticationNasId: 00-11-22-33-44-55:AP1 radiusCalledStationId: 00-11-22-33-44-55:AP1 radiusCoaEnabled: true radiusFailoverPolicy: Deny access radiusFallbackEnabled: true radiusGuestVlanEnabled: true radiusGuestVlanId: 1 radiusLoadBalancingPolicy: Round robin radiusOverride: false radiusProxyEnabled: false radiusServerAttemptsLimit: 5 radiusServerTimeout: 5 radiusServers: - caCertificate: '-----BEGIN CERTIFICATE----- MIIEKjCCAxKgAwIBAgIRANb+lsED3eb4+6YKLFFYqEkwDQYJKoZIhvcNAQELBQAw gYcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhT YW4gSm9zZTEcMBoGA1UECgwTQ2lzY28gU3lzdGVtcywgSW5jLjESMBAGA1UECwwJ RE5BU3BhY2VzMR4wHAYDVQQDDBVjaXNjby5vcGVucm9hbWluZy5vcmcwHhcNMjAx MTA1MjEzMzM1WhcNMjExMTA1MjIzMzM1WjCBpDEcMBoGCgmSJomT8ixkAQETDGRu YXNwYWNlczpVUzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMQ4wDAYDVQQKEwVD aXNjbzEcMBoGA1UECxMTV0JBOldSSVggRW5kLUVudGl0eTE8MDoGA1UEAxMzNjQ3 MDcwNDM4NDQ5NjQxMjAwMDAuMTg4MzQuaHMuY2lzY28ub3BlbnJvYW1pbmcub3Jn MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqjP9QgRGyUO3p7SH9QK uTq6UYK7nAyjImgS4yQxeBkyZ5f2EUkX8m/AOcewpPxxPBhjPKRwxGeX3S50ksiA ayFomUeslR0S0Z7RN9rzJa+CFyi9MwWIHMbLgXpB8tsSpgTAqwrzoTzOGq9fgC6u pZhdZrBkg3FeJgD88goCi9mZDsY2YAoeGRLFJ2fR8iICqIVQy+Htq9pE22WBLpnS KjL3+mR9FArHNFtWlhKF2YHMUqyHHrnZnF/Ns7QNoMMF7/CK18iAKgnb+2wuGKM aEMddOeOTtz+i/rgjkp/RGMt011EdCsso0/cTo9qqX/bxOOCE4/Mne/ChMkQPnNU CwIDAQABo3IwcDAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFIG+4l5yiB01gP0sw4ML USopqYcuMB0GA1UdDgQWBBSby1T9leYVOVVdOZXiHCSaDDEMiDAOBgNVHQ8BAf8E BAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAEyE 1mjSUyY6uNp6W4l20w7SskALSJDRKkOeZxAgF3VMxlsCuEl70s9oEfntwIpyQtSa jON/9yJHbwm/Az824bmk8Dc7AXIPhay+dftXb8j529gPuYB9AKoPNg0NctkyYCQh a/3YQVdDWX7XgmEiXkL57M7G6+IdcPDONLArfjOcT9qHdkVVq1AIjlMSx3OQQmm/ uoLb/G9q/97QA2/l8shG/Na8HjVqGLcl5TNZdbNhs2w9ogxr/GNzqdvym6RQ8vT/ UR2n+uwH4n1MUxmHYYeyot5dnIV1IJ6hQ54JAncM9HvCLFk1WHz6RKshQUCuPBiJ wTw70BVktzJnb0VLeDg= -----END CERTIFICATE-----' host: 0.0.0.0 openRoamingCertificateId: 2 port: 3000 radsecEnabled: true secret: secret-string radiusTestingEnabled: true secondaryConcentratorNetworkId: disabled speedBurst: enabled: true splashGuestSponsorDomains: - example.com splashPage: Click-through splash page useVlanTagging: false visible: true vlanId: 10 walledGardenEnabled: true walledGardenRanges: - example.com - 1.1.1.1/32 wpaEncryptionMode: WPA2 only
gre: description: Ethernet over GRE settings. suboptions: concentrator: description: The EoGRE concentrator's settings. suboptions: host: description: The EoGRE concentrator's IP or FQDN. This param is required when ipAssignmentMode is 'Ethernet over GRE'. type: str type: dict key: description: Optional numerical identifier that will add the GRE key field to the GRE header. Used to identify an individual traffic flow within a tunnel. type: int type: dict psk: description: The passkey for the SSID. This param is only valid if the authMode is 'psk'. type: str ldap: description: The current setting for LDAP. Only valid if splashPage is 'Password-protected with LDAP'. suboptions: baseDistinguishedName: description: The base distinguished name of users on the LDAP server. type: str credentials: description: (Optional) The credentials of the user account to be used by the AP to bind to your LDAP server. The LDAP account should have permissions on all your LDAP servers. suboptions: distinguishedName: description: The distinguished name of the LDAP user account (example cn=user,dc=meraki,dc=com). type: str password: description: The password of the LDAP user account. type: str type: dict serverCaCertificate: description: The CA certificate used to sign the LDAP server's key. suboptions: contents: description: The contents of the CA certificate. Must be in PEM or DER format. type: str type: dict servers: description: The LDAP servers to be used for authentication. elements: dict suboptions: host: description: IP address (or FQDN) of your LDAP server. type: str port: description: UDP port the LDAP server listens on. type: int type: list type: dict name: description: The name of the SSID. type: str oauth: description: The OAuth settings of this SSID. Only valid if splashPage is 'Google OAuth'. suboptions: allowedDomains: description: (Optional) The list of domains allowed access to the network. elements: str type: list type: dict dot11r: description: The current setting for 802.11r. suboptions: adaptive: description: (Optional) Whether 802.11r is adaptive or not. type: bool enabled: description: Whether 802.11r is enabled or not. type: bool type: dict dot11w: description: The current setting for Protected Management Frames (802.11w). suboptions: enabled: description: Whether 802.11w is enabled or not. type: bool required: description: (Optional) Whether 802.11w is required or not. type: bool type: dict number: description: Number path parameter. type: str vlanId: description: The VLAN ID used for VLAN tagging. This param is only valid when the ipAssignmentMode is 'Layer 3 roaming with a concentrator' or 'VPN'. type: int enabled: description: Whether or not the SSID is enabled. type: bool visible: description: Boolean indicating whether APs should advertise or hide this SSID. APs will only broadcast this SSID if set to true. type: bool authMode: description: The association control method for the SSID ('open', 'open-enhanced', 'psk', 'open-with-radius', 'open-with-nac', '8021x-meraki', '8021x-nac', '8021x-radius', '8021x-google', '8021x-localradius', 'ipsk-with-radius', 'ipsk-without-radius' or 'ipsk-with-nac'). type: str networkId: description: NetworkId path parameter. Network ID. type: str dnsRewrite: description: DNS servers rewrite settings. suboptions: dnsCustomNameservers: description: User specified DNS servers (up to two servers). elements: str type: list enabled: description: Boolean indicating whether or not DNS server rewrite is enabled. If disabled, upstream DNS will be used. type: bool type: dict minBitrate: description: The minimum bitrate in Mbps of this SSID in the default indoor RF profile. ('1', '2', '5.5', '6', '9', '11', '12', '18', '24', '36', '48' or '54'). type: float namedVlans: description: Named VLAN settings. suboptions: radius: description: RADIUS settings. This param is only valid when authMode is 'open-with-radius' and ipAssignmentMode is not 'NAT mode'. suboptions: guestVlan: description: Guest VLAN settings. Used to direct traffic to a guest VLAN when none of the RADIUS servers are reachable or a client receives access-reject from the RADIUS server. suboptions: enabled: description: Whether or not RADIUS guest named VLAN is enabled. type: bool name: description: RADIUS guest VLAN name. type: str type: dict type: dict tagging: description: VLAN tagging settings. This param is only valid when ipAssignmentMode is 'Bridge mode' or 'Layer 3 roaming'. suboptions: byApTags: description: The list of AP tags and VLAN names used for named VLAN tagging. If an AP has a tag matching one in the list, then traffic on this SSID will be directed to use the VLAN name associated to the tag. elements: dict suboptions: tags: description: List of AP tags. elements: str type: list vlanName: description: VLAN name that will be used to tag traffic. type: str type: list defaultVlanName: description: The default VLAN name used to tag traffic in the absence of a matching AP tag. type: str enabled: description: Whether or not traffic should be directed to use specific VLAN names. type: bool type: dict type: dict speedBurst: description: The SpeedBurst setting for this SSID'. suboptions: enabled: description: Boolean indicating whether or not to allow users to temporarily exceed the bandwidth limit for short periods while still keeping them under the bandwidth limit over time. type: bool type: dict splashPage: description: The type of splash page for the SSID ('None', 'Click-through splash page', 'Billing', 'Password-protected with Meraki RADIUS', 'Password-protected with custom RADIUS', 'Password-protected with Active Directory', 'Password-protected with LDAP', 'SMS authentication', 'Systems Manager Sentry', 'Facebook Wi-Fi', 'Google OAuth', 'Sponsored guest', 'Cisco ISE' or 'Google Apps domain'). This attribute is not supported for template children. type: str localRadius: description: The current setting for Local Authentication, a built-in RADIUS server on the access point. Only valid if authMode is '8021x-localradius'. suboptions: cacheTimeout: description: The duration (in seconds) for which LDAP and OCSP lookups are cached. type: int certificateAuthentication: description: The current setting for certificate verification. suboptions: clientRootCaCertificate: description: The Client CA Certificate used to sign the client certificate. suboptions: contents: description: The contents of the Client CA Certificate. Must be in PEM or DER format. type: str type: dict enabled: description: Whether or not to use EAP-TLS certificate-based authentication to validate wireless clients. type: bool ocspResponderUrl: description: (Optional) The URL of the OCSP responder to verify client certificate status. type: str useLdap: description: Whether or not to verify the certificate with LDAP. type: bool useOcsp: description: Whether or not to verify the certificate with OCSP. type: bool type: dict passwordAuthentication: description: The current setting for password-based authentication. suboptions: enabled: description: Whether or not to use EAP-TTLS/PAP or PEAP-GTC password-based authentication via LDAP lookup. type: bool type: dict type: dict bandSelection: description: The client-serving radio frequencies of this SSID in the default indoor RF profile. ('Dual band operation', '5 GHz band only' or 'Dual band operation with Band Steering'). type: str defaultVlanId: description: The default VLAN ID used for 'all other APs'. This param is only valid when the ipAssignmentMode is 'Bridge mode' or 'Layer 3 roaming'. type: int meraki_caller: default: '' description: - meraki_caller (string), optional identifier for API usage tracking; can also be set as an environment variable MERAKI_PYTHON_SDK_CALLER type: str radiusServers: description: The RADIUS 802.1X servers to be used for authentication. This param is only valid if the authMode is 'open-with-radius', '8021x-radius' or 'ipsk-with-radius'. elements: dict suboptions: caCertificate: description: Certificate used for authorization for the RADSEC Server. type: str host: description: IP address (or FQDN) of your RADIUS server. type: str openRoamingCertificateId: description: The ID of the Openroaming Certificate attached to radius server. type: int port: description: UDP port the RADIUS server listens on for Access-requests. type: int radsecEnabled: description: Use RADSEC (TLS over TCP) to connect to this RADIUS server. Requires radiusProxyEnabled. type: bool secret: description: RADIUS client shared secret. type: str type: list encryptionMode: description: The psk encryption mode for the SSID ('wep' or 'wpa'). This param is only valid if the authMode is 'psk'. type: str meraki_api_key: description: - meraki_api_key (string), API key generated in dashboard; can also be set as an environment variable MERAKI_DASHBOARD_API_KEY required: true type: str radiusOverride: description: If true, the RADIUS response can override VLAN tag. This is not valid when ipAssignmentMode is 'NAT mode'. type: bool useVlanTagging: description: Whether or not traffic should be directed to use specific VLANs. This param is only valid if the ipAssignmentMode is 'Bridge mode' or 'Layer 3 roaming'. type: bool activeDirectory: description: The current setting for Active Directory. Only valid if splashPage is 'Password-protected with Active Directory'. suboptions: credentials: description: (Optional) The credentials of the user account to be used by the AP to bind to your Active Directory server. The Active Directory account should have permissions on all your Active Directory servers. Only valid if the splashPage is 'Password-protected with Active Directory'. suboptions: logonName: description: The logon name of the Active Directory account. type: str password: description: The password to the Active Directory user account. type: str type: dict servers: description: The Active Directory servers to be used for authentication. elements: dict suboptions: host: description: IP address (or FQDN) of your Active Directory server. type: str port: description: (Optional) UDP port the Active Directory server listens on. By default, uses port 3268. type: int type: list type: dict meraki_base_url: default: https://api.meraki.com/api/v1 description: - meraki_base_url (string), preceding all endpoint resources type: str meraki_log_path: default: '' description: - log_path (string), path to output log; by default, working directory of script if not specified type: str meraki_simulate: default: false description: - meraki_simulate (boolean), simulate POST/PUT/DELETE calls to prevent changes? type: bool apTagsAndVlanIds: description: The list of tags and VLAN IDs used for VLAN tagging. This param is only valid when the ipAssignmentMode is 'Bridge mode' or 'Layer 3 roaming'. elements: dict suboptions: tags: description: Array of AP tags. elements: str type: list vlanId: description: Numerical identifier that is assigned to the VLAN. type: int type: list availabilityTags: description: Accepts a list of tags for this SSID. If availableOnAllAps is false, then the SSID will only be broadcast by APs with tags matching any of the tags in this list. elements: str type: list ipAssignmentMode: description: The client IP assignment mode ('NAT mode', 'Bridge mode', 'Layer 3 roaming', 'Ethernet over GRE', 'Layer 3 roaming with a concentrator' or 'VPN'). type: str meraki_be_geo_id: default: '' description: - meraki_be_geo_id (string), optional partner identifier for API usage tracking; can also be set as an environment variable BE_GEO_ID type: str radiusCoaEnabled: description: If true, Meraki devices will act as a RADIUS Dynamic Authorization Server and will respond to RADIUS Change-of-Authorization and Disconnect messages sent by the RADIUS server. type: bool availableOnAllAps: description: Boolean indicating whether all APs should broadcast the SSID or if it should be restricted to APs matching any availability tags. Can only be false if the SSID has availability tags. type: bool meraki_output_log: default: true description: - meraki_output_log (boolean), create an output log file? type: bool radiusGuestVlanId: description: VLAN ID of the RADIUS Guest VLAN. This param is only valid if the authMode is 'open-with-radius' and addressing mode is not set to 'isolated' or 'nat' mode. type: int wpaEncryptionMode: description: The types of WPA encryption. ('WPA1 only', 'WPA1 and WPA2', 'WPA2 only', 'WPA3 Transition Mode', 'WPA3 only' or 'WPA3 192-bit Security'). type: str radiusProxyEnabled: description: If true, Meraki devices will proxy RADIUS messages through the Meraki cloud to the configured RADIUS auth and accounting servers. type: bool walledGardenRanges: description: Specify your walled garden by entering an array of addresses, ranges using CIDR notation, domain names, and domain wildcards (e.g. '192.168.1.1/24', '192.168.37.10/32', 'www.yahoo.com', '*.google.com'). Meraki's splash page is automatically included in your walled garden. elements: str type: list lanIsolationEnabled: description: Boolean indicating whether Layer 2 LAN isolation should be enabled or disabled. Only configurable when ipAssignmentMode is 'Bridge mode'. type: bool radiusServerTimeout: description: The amount of time for which a RADIUS client waits for a reply from the RADIUS server (must be between 1-10 seconds). type: int walledGardenEnabled: description: Allow access to a configurable list of IP ranges, which users may access prior to sign-on. type: bool mandatoryDhcpEnabled: description: If true, Mandatory DHCP will enforce that clients connecting to this SSID must use the IP address assigned by the DHCP server. Clients who use a static IP address won't be able to associate. type: bool meraki_print_console: default: true description: - meraki_print_console (boolean), print logging output to console? type: bool radiusFailoverPolicy: description: This policy determines how authentication requests should be handled in the event that all of the configured RADIUS servers are unreachable ('Deny access' or 'Allow access'). type: str radiusTestingEnabled: description: If true, Meraki devices will periodically send Access-Request messages to configured RADIUS servers using identity 'meraki_8021x_test' to ensure that the RADIUS servers are reachable. type: bool concentratorNetworkId: description: The concentrator to use when the ipAssignmentMode is 'Layer 3 roaming with a concentrator' or 'VPN'. type: str enterpriseAdminAccess: description: Whether or not an SSID is accessible by 'enterprise' administrators ('access disabled' or 'access enabled'). type: str meraki_requests_proxy: default: '' description: - meraki_requests_proxy (string), proxy server and port, if needed, for HTTPS type: str radiusCalledStationId: description: The template of the called station identifier to be used for RADIUS (ex. $NODE_MAC$ $VAP_NUM$). type: str radiusFallbackEnabled: description: Whether or not higher priority RADIUS servers should be retried after 60 seconds. type: bool meraki_log_file_prefix: default: meraki_api_ description: - meraki_log_file_prefix (string), log file name appended with date and timestamp type: str meraki_maximum_retries: default: 2 description: - meraki_maximum_retries (integer), retry up to this many times when encountering 429s or other server-side errors type: int meraki_retry_4xx_error: default: false description: - meraki_retry_4xx_error (boolean), retry if encountering other 4XX error (besides 429)? type: bool radiusGuestVlanEnabled: description: Whether or not RADIUS Guest VLAN is enabled. This param is only valid if the authMode is 'open-with-radius' and addressing mode is not set to 'isolated' or 'nat' mode. type: bool meraki_certificate_path: default: '' description: - meraki_certificate_path (string), path for TLS/SSL certificate verification if behind local proxy type: str meraki_suppress_logging: default: false description: - meraki_suppress_logging (boolean), disable all logging? you're on your own then! type: bool perSsidBandwidthLimitUp: description: The total upload bandwidth limit in Kbps. (0 represents no limit.). type: int radiusAccountingEnabled: description: Whether or not RADIUS accounting is enabled. This param is only valid if the authMode is 'open-with-radius', '8021x-radius' or 'ipsk-with-radius'. type: bool radiusAccountingServers: description: The RADIUS accounting 802.1X servers to be used for authentication. This param is only valid if the authMode is 'open-with-radius', '8021x-radius' or 'ipsk-with-radius' and radiusAccountingEnabled is 'true'. elements: dict suboptions: caCertificate: description: Certificate used for authorization for the RADSEC Server. type: str host: description: IP address (or FQDN) to which the APs will send RADIUS accounting messages. type: str port: description: Port on the RADIUS server that is listening for accounting messages. type: int radsecEnabled: description: Use RADSEC (TLS over TCP) to connect to this RADIUS accounting server. Requires radiusProxyEnabled. type: bool secret: description: Shared key used to authenticate messages between the APs and RADIUS server. type: str type: list meraki_wait_on_rate_limit: default: true description: - meraki_wait_on_rate_limit (boolean), retry if 429 rate limit error encountered? type: bool perClientBandwidthLimitUp: description: The upload bandwidth limit in Kbps. (0 represents no limit.). type: int perSsidBandwidthLimitDown: description: The total download bandwidth limit in Kbps. (0 represents no limit.). type: int radiusAuthenticationNasId: description: The template of the NAS identifier to be used for RADIUS authentication (ex. $NODE_MAC$ $VAP_NUM$). type: str radiusLoadBalancingPolicy: description: This policy determines which RADIUS server will be contacted first in an authentication attempt and the ordering of any necessary retry attempts ('Strict priority order' or 'Round robin'). type: str radiusServerAttemptsLimit: description: The maximum number of transmit attempts after which a RADIUS server is failed over (must be between 1-5). type: int splashGuestSponsorDomains: description: Array of valid sponsor email domains for sponsored guest splash type. elements: str type: list perClientBandwidthLimitDown: description: The download bandwidth limit in Kbps. (0 represents no limit.). type: int adultContentFilteringEnabled: description: Boolean indicating whether or not adult content will be blocked. type: bool meraki_inherit_logging_config: default: false description: - meraki_inherit_logging_config (boolean), Inherits your own logger instance type: bool meraki_single_request_timeout: default: 60 description: - meraki_single_request_timeout (integer), maximum number of seconds for each API call type: int secondaryConcentratorNetworkId: description: The secondary concentrator to use when the ipAssignmentMode is 'VPN'. If configured, the APs will switch to using this concentrator if the primary concentrator is unreachable. This param is optional. ('disabled' represents no secondary concentrator.). type: str radiusAccountingInterimInterval: description: The interval (in seconds) in which accounting information is updated and sent to the RADIUS accounting server. type: int radiusAttributeForGroupPolicies: description: Specify the RADIUS attribute used to look up group policies ('Filter-Id', 'Reply-Message', 'Airespace-ACL-Name' or 'Aruba-User-Role'). Access points must receive this attribute in the RADIUS Access-Accept message. type: str disassociateClientsOnVpnFailover: description: Disassociate clients when 'VPN' concentrator failover occurs in order to trigger clients to re-associate and generate new DHCP requests. This param is only valid if ipAssignmentMode is 'VPN'. type: bool meraki_nginx_429_retry_wait_time: default: 60 description: - meraki_nginx_429_retry_wait_time (integer), Nginx 429 retry wait time type: int meraki_retry_4xx_error_wait_time: default: 60 description: - meraki_retry_4xx_error_wait_time (integer), other 4XX error retry wait time type: int meraki_use_iterator_for_get_pages: default: false description: - meraki_use_iterator_for_get_pages (boolean), list* methods will return an iterator with each object instead of a complete list with all items type: bool meraki_action_batch_retry_wait_time: default: 60 description: - meraki_action_batch_retry_wait_time (integer), action batch concurrency error retry wait time type: int
meraki_response: description: A dictionary or list with the response returned by the Cisco Meraki Python SDK returned: always sample: "{\n \"adminSplashUrl\": \"string\",\n \"authMode\": \"string\",\n \"\ availabilityTags\": [\n \"string\"\n ],\n \"availableOnAllAps\": true,\n\ \ \"bandSelection\": \"string\",\n \"enabled\": true,\n \"encryptionMode\"\ : \"string\",\n \"ipAssignmentMode\": \"string\",\n \"localAuth\": true,\n \ \ \"mandatoryDhcpEnabled\": true,\n \"minBitrate\": 0,\n \"name\": \"string\"\ ,\n \"number\": 0,\n \"perClientBandwidthLimitDown\": 0,\n \"perClientBandwidthLimitUp\"\ : 0,\n \"perSsidBandwidthLimitDown\": 0,\n \"perSsidBandwidthLimitUp\": 0,\n\ \ \"radiusAccountingEnabled\": true,\n \"radiusAccountingServers\": [\n {\n\ \ \"caCertificate\": \"string\",\n \"host\": \"string\",\n \"openRoamingCertificateId\"\ : 0,\n \"port\": 0\n }\n ],\n \"radiusAttributeForGroupPolicies\": \"\ string\",\n \"radiusEnabled\": true,\n \"radiusFailoverPolicy\": \"string\"\ ,\n \"radiusLoadBalancingPolicy\": \"string\",\n \"radiusServers\": [\n {\n\ \ \"caCertificate\": \"string\",\n \"host\": \"string\",\n \"openRoamingCertificateId\"\ : 0,\n \"port\": 0\n }\n ],\n \"splashPage\": \"string\",\n \"splashTimeout\"\ : \"string\",\n \"ssidAdminAccessible\": true,\n \"visible\": true,\n \"walledGardenEnabled\"\ : true,\n \"walledGardenRanges\": [\n \"string\"\n ],\n \"wpaEncryptionMode\"\ : \"string\"\n}\n" type: dict