cisco.meraki.organizations_login_security (2.18.0) — module

Install collection

Install with ansible-galaxy collection install cisco.meraki:==2.18.0

Add to requirements.yml

  collections:
    - name: cisco.meraki
      version: 2.18.0

Description

Manage operation update of the resource organizations _loginsecurity.

Update the login security settings for an organization.

Requirements

• meraki >= 2.4.9
• python >= 3.5

Usage examples

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Update all
  cisco.meraki.organizations_login_security:
    meraki_api_key: "{{meraki_api_key}}"
    meraki_base_url: "{{meraki_base_url}}"
    meraki_single_request_timeout: "{{meraki_single_request_timeout}}"
    meraki_certificate_path: "{{meraki_certificate_path}}"
    meraki_requests_proxy: "{{meraki_requests_proxy}}"
    meraki_wait_on_rate_limit: "{{meraki_wait_on_rate_limit}}"
    meraki_nginx_429_retry_wait_time: "{{meraki_nginx_429_retry_wait_time}}"
    meraki_action_batch_retry_wait_time: "{{meraki_action_batch_retry_wait_time}}"
    meraki_retry_4xx_error: "{{meraki_retry_4xx_error}}"
    meraki_retry_4xx_error_wait_time: "{{meraki_retry_4xx_error_wait_time}}"
    meraki_maximum_retries: "{{meraki_maximum_retries}}"
    meraki_output_log: "{{meraki_output_log}}"
    meraki_log_file_prefix: "{{meraki_log_file_prefix}}"
    meraki_log_path: "{{meraki_log_path}}"
    meraki_print_console: "{{meraki_print_console}}"
    meraki_suppress_logging: "{{meraki_suppress_logging}}"
    meraki_simulate: "{{meraki_simulate}}"
    meraki_be_geo_id: "{{meraki_be_geo_id}}"
    meraki_use_iterator_for_get_pages: "{{meraki_use_iterator_for_get_pages}}"
    meraki_inherit_logging_config: "{{meraki_inherit_logging_config}}"
    state: present
    accountLockoutAttempts: 3
    apiAuthentication:
      ipRestrictionsForKeys:
        enabled: true
        ranges:
        - 192.195.83.1
        - 192.168.33.33
    enforceAccountLockout: true
    enforceDifferentPasswords: true
    enforceIdleTimeout: true
    enforceLoginIpRanges: true
    enforcePasswordExpiration: true
    enforceStrongPasswords: true
    enforceTwoFactorAuth: true
    idleTimeoutMinutes: 30
    loginIpRanges:
    - 192.195.83.1
    - 192.195.83.255
    numDifferentPasswords: 3
    organizationId: string
    passwordExpirationDays: 90

Inputs

    
loginIpRanges:
    description: List of acceptable IP ranges. Entries can be single IP addresses, IP
      address ranges, and CIDR subnets.
    elements: str
    type: list

meraki_caller:
    default: ''
    description:
    - meraki_caller (string), optional identifier for API usage tracking; can also be
      set as an environment variable MERAKI_PYTHON_SDK_CALLER
    type: str

meraki_api_key:
    description:
    - meraki_api_key (string), API key generated in dashboard; can also be set as an environment
      variable MERAKI_DASHBOARD_API_KEY
    required: true
    type: str

organizationId:
    description: OrganizationId path parameter. Organization ID.
    type: str

meraki_base_url:
    default: https://api.meraki.com/api/v1
    description:
    - meraki_base_url (string), preceding all endpoint resources
    type: str

meraki_log_path:
    default: ''
    description:
    - log_path (string), path to output log; by default, working directory of script if
      not specified
    type: str

meraki_simulate:
    default: false
    description:
    - meraki_simulate (boolean), simulate POST/PUT/DELETE calls to prevent changes?
    type: bool

meraki_be_geo_id:
    default: ''
    description:
    - meraki_be_geo_id (string), optional partner identifier for API usage tracking; can
      also be set as an environment variable BE_GEO_ID
    type: str

apiAuthentication:
    description: Details for indicating whether organization will restrict access to API
      (but not Dashboard) to certain IP addresses.
    suboptions:
      ipRestrictionsForKeys:
        description: Details for API-only IP restrictions.
        suboptions:
          enabled:
            description: Boolean indicating whether the organization will restrict API
              key (not Dashboard GUI) usage to a specific list of IP addresses or CIDR
              ranges.
            type: bool
          ranges:
            description: List of acceptable IP ranges. Entries can be single IP addresses,
              IP address ranges, and CIDR subnets.
            elements: str
            type: list
        type: dict
    type: dict

meraki_output_log:
    default: true
    description:
    - meraki_output_log (boolean), create an output log file?
    type: bool

enforceIdleTimeout:
    description: Boolean indicating whether users will be logged out after being idle
      for the specified number of minutes.
    type: bool

idleTimeoutMinutes:
    description: Number of minutes users can remain idle before being logged out of their
      accounts.
    type: int

enforceLoginIpRanges:
    description: Boolean indicating whether organization will restrict access to Dashboard
      (including the API) from certain IP addresses.
    type: bool

enforceTwoFactorAuth:
    description: Boolean indicating whether users in this organization will be required
      to use an extra verification code when logging in to Dashboard. This code will be
      sent to their mobile phone via SMS, or can be generated by the authenticator application.
    type: bool

meraki_print_console:
    default: true
    description:
    - meraki_print_console (boolean), print logging output to console?
    type: bool

enforceAccountLockout:
    description: Boolean indicating whether users' Dashboard accounts will be locked out
      after a specified number of consecutive failed login attempts.
    type: bool

meraki_requests_proxy:
    default: ''
    description:
    - meraki_requests_proxy (string), proxy server and port, if needed, for HTTPS
    type: str

numDifferentPasswords:
    description: Number of recent passwords that new password must be distinct from.
    type: int

accountLockoutAttempts:
    description: Number of consecutive failed login attempts after which users' accounts
      will be locked.
    type: int

enforceStrongPasswords:
    description: Boolean indicating whether users will be forced to choose strong passwords
      for their accounts. Strong passwords are at least 8 characters that contain 3 of
      the following number, uppercase letter, lowercase letter, and symbol.
    type: bool

meraki_log_file_prefix:
    default: meraki_api_
    description:
    - meraki_log_file_prefix (string), log file name appended with date and timestamp
    type: str

meraki_maximum_retries:
    default: 2
    description:
    - meraki_maximum_retries (integer), retry up to this many times when encountering
      429s or other server-side errors
    type: int

meraki_retry_4xx_error:
    default: false
    description:
    - meraki_retry_4xx_error (boolean), retry if encountering other 4XX error (besides
      429)?
    type: bool

passwordExpirationDays:
    description: Number of days after which users will be forced to change their password.
    type: int

meraki_certificate_path:
    default: ''
    description:
    - meraki_certificate_path (string), path for TLS/SSL certificate verification if behind
      local proxy
    type: str

meraki_suppress_logging:
    default: false
    description:
    - meraki_suppress_logging (boolean), disable all logging? you're on your own then!
    type: bool

enforceDifferentPasswords:
    description: Boolean indicating whether users, when setting a new password, are forced
      to choose a new password that is different from any past passwords.
    type: bool

enforcePasswordExpiration:
    description: Boolean indicating whether users are forced to change their password
      every X number of days.
    type: bool

meraki_wait_on_rate_limit:
    default: true
    description:
    - meraki_wait_on_rate_limit (boolean), retry if 429 rate limit error encountered?
    type: bool

meraki_inherit_logging_config:
    default: false
    description:
    - meraki_inherit_logging_config (boolean), Inherits your own logger instance
    type: bool

meraki_single_request_timeout:
    default: 60
    description:
    - meraki_single_request_timeout (integer), maximum number of seconds for each API
      call
    type: int

meraki_nginx_429_retry_wait_time:
    default: 60
    description:
    - meraki_nginx_429_retry_wait_time (integer), Nginx 429 retry wait time
    type: int

meraki_retry_4xx_error_wait_time:
    default: 60
    description:
    - meraki_retry_4xx_error_wait_time (integer), other 4XX error retry wait time
    type: int

meraki_use_iterator_for_get_pages:
    default: false
    description:
    - meraki_use_iterator_for_get_pages (boolean), list* methods will return an iterator
      with each object instead of a complete list with all items
    type: bool

meraki_action_batch_retry_wait_time:
    default: 60
    description:
    - meraki_action_batch_retry_wait_time (integer), action batch concurrency error retry
      wait time
    type: int

Outputs

meraki_response:
  description: A dictionary or list with the response returned by the Cisco Meraki
    Python SDK
  returned: always
  sample: "{\n  \"accountLockoutAttempts\": 0,\n  \"apiAuthentication\": {\n    \"\
    ipRestrictionsForKeys\": {\n      \"enabled\": true,\n      \"ranges\": [\n  \
    \      \"string\"\n      ]\n    }\n  },\n  \"enforceAccountLockout\": true,\n\
    \  \"enforceDifferentPasswords\": true,\n  \"enforceIdleTimeout\": true,\n  \"\
    enforceLoginIpRanges\": true,\n  \"enforcePasswordExpiration\": true,\n  \"enforceStrongPasswords\"\
    : true,\n  \"enforceTwoFactorAuth\": true,\n  \"idleTimeoutMinutes\": 0,\n  \"\
    loginIpRanges\": [\n    \"string\"\n  ],\n  \"numDifferentPasswords\": 0,\n  \"\
    passwordExpirationDays\": 0\n}\n"
  type: dict

See also

• Cisco Meraki documentation for organizations updateOrganizationLoginSecurity: Complete reference of the updateOrganizationLoginSecurity API. link