Try SpotterResource module for organizations _appliance _vpn _thirdpartyvpnpeers
| "added in version" 2.16.0 of cisco.meraki"
Authors: Francisco Munoz (@fmunoz)
This plugin has a corresponding action plugin.
Install with ansible-galaxy collection install cisco.meraki:==2.18.0
collections:
- name: cisco.meraki
version: 2.18.0Manage operation update of the resource organizations _appliance _vpn _thirdpartyvpnpeers.
Update the third party VPN peers for an organization.
- name: Update all
cisco.meraki.organizations_appliance_vpn_third_party_vpnpeers:
meraki_api_key: "{{meraki_api_key}}"
meraki_base_url: "{{meraki_base_url}}"
meraki_single_request_timeout: "{{meraki_single_request_timeout}}"
meraki_certificate_path: "{{meraki_certificate_path}}"
meraki_requests_proxy: "{{meraki_requests_proxy}}"
meraki_wait_on_rate_limit: "{{meraki_wait_on_rate_limit}}"
meraki_nginx_429_retry_wait_time: "{{meraki_nginx_429_retry_wait_time}}"
meraki_action_batch_retry_wait_time: "{{meraki_action_batch_retry_wait_time}}"
meraki_retry_4xx_error: "{{meraki_retry_4xx_error}}"
meraki_retry_4xx_error_wait_time: "{{meraki_retry_4xx_error_wait_time}}"
meraki_maximum_retries: "{{meraki_maximum_retries}}"
meraki_output_log: "{{meraki_output_log}}"
meraki_log_file_prefix: "{{meraki_log_file_prefix}}"
meraki_log_path: "{{meraki_log_path}}"
meraki_print_console: "{{meraki_print_console}}"
meraki_suppress_logging: "{{meraki_suppress_logging}}"
meraki_simulate: "{{meraki_simulate}}"
meraki_be_geo_id: "{{meraki_be_geo_id}}"
meraki_use_iterator_for_get_pages: "{{meraki_use_iterator_for_get_pages}}"
meraki_inherit_logging_config: "{{meraki_inherit_logging_config}}"
state: present
organizationId: string
peers:
- ikeVersion: '2'
ipsecPolicies:
childAuthAlgo:
- sha1
childCipherAlgo:
- aes128
childLifetime: 28800
childPfsGroup:
- disabled
ikeAuthAlgo:
- sha1
ikeCipherAlgo:
- tripledes
ikeDiffieHellmanGroup:
- group2
ikeLifetime: 28800
ikePrfAlgo:
- prfsha1
ipsecPoliciesPreset: default
localId: myMXId@meraki.com
name: Peer Name
networkTags:
- none
privateSubnets:
- 192.168.1.0/24
- 192.168.128.0/24
publicIp: 123.123.123.1
remoteId: miles@meraki.com
secret: Sample Password
peers:
description: The list of VPN peers.
elements: dict
suboptions:
ikeVersion:
description: Optional The IKE version to be used for the IPsec VPN peer configuration.
Defaults to '1' when omitted.
type: str
ipsecPolicies:
description: Custom IPSec policies for the VPN peer. If not included and a preset
has not been chosen, the default preset for IPSec policies will be used.
suboptions:
childAuthAlgo:
description: This is the authentication algorithms to be used in Phase 2.
The value should be an array with one of the following algorithms 'sha256',
'sha1', 'md5'.
elements: str
type: list
childCipherAlgo:
description: This is the cipher algorithms to be used in Phase 2. The value
should be an array with one or more of the following algorithms 'aes256',
'aes192', 'aes128', 'tripledes', 'des', 'null'.
elements: str
type: list
childLifetime:
description: The lifetime of the Phase 2 SA in seconds.
type: int
childPfsGroup:
description: This is the Diffie-Hellman group to be used for Perfect Forward
Secrecy in Phase 2. The value should be an array with one of the following
values 'disabled','group14', 'group5', 'group2', 'group1'.
elements: str
type: list
ikeAuthAlgo:
description: This is the authentication algorithm to be used in Phase 1. The
value should be an array with one of the following algorithms 'sha256',
'sha1', 'md5'.
elements: str
type: list
ikeCipherAlgo:
description: This is the cipher algorithm to be used in Phase 1. The value
should be an array with one of the following algorithms 'aes256', 'aes192',
'aes128', 'tripledes', 'des'.
elements: str
type: list
ikeDiffieHellmanGroup:
description: This is the Diffie-Hellman group to be used in Phase 1. The value
should be an array with one of the following algorithms 'group14', 'group5',
'group2', 'group1'.
elements: str
type: list
ikeLifetime:
description: The lifetime of the Phase 1 SA in seconds.
type: int
ikePrfAlgo:
description: Optional This is the pseudo-random function to be used in IKE_SA.
The value should be an array with one of the following algorithms 'prfsha256',
'prfsha1', 'prfmd5', 'default'. The 'default' option can be used to default
to the Authentication algorithm.
elements: str
type: list
type: dict
ipsecPoliciesPreset:
description: One of the following available presets 'default', 'aws', 'azure'.
If this is provided, the 'ipsecPolicies' parameter is ignored.
type: str
localId:
description: Optional The local ID is used to identify the MX to the peer. This
will apply to all MXs this peer applies to.
type: str
name:
description: The name of the VPN peer.
type: str
networkTags:
description: A list of network tags that will connect with this peer. Use 'all'
for all networks. Use 'none' for no networks. If not included, the default is
'all'.
elements: str
type: list
privateSubnets:
description: The list of the private subnets of the VPN peer.
elements: str
type: list
publicIp:
description: Optional The public IP of the VPN peer.
type: str
remoteId:
description: Optional The remote ID is used to identify the connecting VPN peer.
This can either be a valid IPv4 Address, FQDN or User FQDN.
type: str
secret:
description: The shared secret with the VPN peer.
type: str
type: list
meraki_caller:
default: ''
description:
- meraki_caller (string), optional identifier for API usage tracking; can also be
set as an environment variable MERAKI_PYTHON_SDK_CALLER
type: str
meraki_api_key:
description:
- meraki_api_key (string), API key generated in dashboard; can also be set as an environment
variable MERAKI_DASHBOARD_API_KEY
required: true
type: str
organizationId:
description: OrganizationId path parameter. Organization ID.
type: str
meraki_base_url:
default: https://api.meraki.com/api/v1
description:
- meraki_base_url (string), preceding all endpoint resources
type: str
meraki_log_path:
default: ''
description:
- log_path (string), path to output log; by default, working directory of script if
not specified
type: str
meraki_simulate:
default: false
description:
- meraki_simulate (boolean), simulate POST/PUT/DELETE calls to prevent changes?
type: bool
meraki_be_geo_id:
default: ''
description:
- meraki_be_geo_id (string), optional partner identifier for API usage tracking; can
also be set as an environment variable BE_GEO_ID
type: str
meraki_output_log:
default: true
description:
- meraki_output_log (boolean), create an output log file?
type: bool
meraki_print_console:
default: true
description:
- meraki_print_console (boolean), print logging output to console?
type: bool
meraki_requests_proxy:
default: ''
description:
- meraki_requests_proxy (string), proxy server and port, if needed, for HTTPS
type: str
meraki_log_file_prefix:
default: meraki_api_
description:
- meraki_log_file_prefix (string), log file name appended with date and timestamp
type: str
meraki_maximum_retries:
default: 2
description:
- meraki_maximum_retries (integer), retry up to this many times when encountering
429s or other server-side errors
type: int
meraki_retry_4xx_error:
default: false
description:
- meraki_retry_4xx_error (boolean), retry if encountering other 4XX error (besides
429)?
type: bool
meraki_certificate_path:
default: ''
description:
- meraki_certificate_path (string), path for TLS/SSL certificate verification if behind
local proxy
type: str
meraki_suppress_logging:
default: false
description:
- meraki_suppress_logging (boolean), disable all logging? you're on your own then!
type: bool
meraki_wait_on_rate_limit:
default: true
description:
- meraki_wait_on_rate_limit (boolean), retry if 429 rate limit error encountered?
type: bool
meraki_inherit_logging_config:
default: false
description:
- meraki_inherit_logging_config (boolean), Inherits your own logger instance
type: bool
meraki_single_request_timeout:
default: 60
description:
- meraki_single_request_timeout (integer), maximum number of seconds for each API
call
type: int
meraki_nginx_429_retry_wait_time:
default: 60
description:
- meraki_nginx_429_retry_wait_time (integer), Nginx 429 retry wait time
type: int
meraki_retry_4xx_error_wait_time:
default: 60
description:
- meraki_retry_4xx_error_wait_time (integer), other 4XX error retry wait time
type: int
meraki_use_iterator_for_get_pages:
default: false
description:
- meraki_use_iterator_for_get_pages (boolean), list* methods will return an iterator
with each object instead of a complete list with all items
type: bool
meraki_action_batch_retry_wait_time:
default: 60
description:
- meraki_action_batch_retry_wait_time (integer), action batch concurrency error retry
wait time
type: int
meraki_response:
description: A dictionary or list with the response returned by the Cisco Meraki
Python SDK
returned: always
sample: "[\n {\n \"ikeVersion\": \"string\",\n \"ipsecPolicies\": {\n \
\ \"childAuthAlgo\": [\n \"string\"\n ],\n \"childCipherAlgo\"\
: [\n \"string\"\n ],\n \"childLifetime\": 0,\n \"childPfsGroup\"\
: [\n \"string\"\n ],\n \"ikeAuthAlgo\": [\n \"string\"\
\n ],\n \"ikeCipherAlgo\": [\n \"string\"\n ],\n \"\
ikeDiffieHellmanGroup\": [\n \"string\"\n ],\n \"ikeLifetime\"\
: 0,\n \"ikePrfAlgo\": [\n \"string\"\n ]\n },\n \"ipsecPoliciesPreset\"\
: \"string\",\n \"localId\": \"string\",\n \"name\": \"string\",\n \"\
networkTags\": [\n \"string\"\n ],\n \"privateSubnets\": [\n \"\
string\"\n ],\n \"publicIp\": \"string\",\n \"remoteId\": \"string\"\
,\n \"secret\": \"string\"\n }\n]\n"
type: dict