cisco / cisco.meraki / 2.18.0 / module / organizations_login_security Resource module for organizations _loginsecurity | "added in version" 2.16.0 of cisco.meraki" Authors: Francisco Munoz (@fmunoz) This plugin has a corresponding action plugin.cisco.meraki.organizations_login_security (2.18.0) — module
Install with ansible-galaxy collection install cisco.meraki:==2.18.0
collections: - name: cisco.meraki version: 2.18.0
Manage operation update of the resource organizations _loginsecurity.
Update the login security settings for an organization.
- name: Update all cisco.meraki.organizations_login_security: meraki_api_key: "{{meraki_api_key}}" meraki_base_url: "{{meraki_base_url}}" meraki_single_request_timeout: "{{meraki_single_request_timeout}}" meraki_certificate_path: "{{meraki_certificate_path}}" meraki_requests_proxy: "{{meraki_requests_proxy}}" meraki_wait_on_rate_limit: "{{meraki_wait_on_rate_limit}}" meraki_nginx_429_retry_wait_time: "{{meraki_nginx_429_retry_wait_time}}" meraki_action_batch_retry_wait_time: "{{meraki_action_batch_retry_wait_time}}" meraki_retry_4xx_error: "{{meraki_retry_4xx_error}}" meraki_retry_4xx_error_wait_time: "{{meraki_retry_4xx_error_wait_time}}" meraki_maximum_retries: "{{meraki_maximum_retries}}" meraki_output_log: "{{meraki_output_log}}" meraki_log_file_prefix: "{{meraki_log_file_prefix}}" meraki_log_path: "{{meraki_log_path}}" meraki_print_console: "{{meraki_print_console}}" meraki_suppress_logging: "{{meraki_suppress_logging}}" meraki_simulate: "{{meraki_simulate}}" meraki_be_geo_id: "{{meraki_be_geo_id}}" meraki_use_iterator_for_get_pages: "{{meraki_use_iterator_for_get_pages}}" meraki_inherit_logging_config: "{{meraki_inherit_logging_config}}" state: present accountLockoutAttempts: 3 apiAuthentication: ipRestrictionsForKeys: enabled: true ranges: - 192.195.83.1 - 192.168.33.33 enforceAccountLockout: true enforceDifferentPasswords: true enforceIdleTimeout: true enforceLoginIpRanges: true enforcePasswordExpiration: true enforceStrongPasswords: true enforceTwoFactorAuth: true idleTimeoutMinutes: 30 loginIpRanges: - 192.195.83.1 - 192.195.83.255 numDifferentPasswords: 3 organizationId: string passwordExpirationDays: 90
loginIpRanges: description: List of acceptable IP ranges. Entries can be single IP addresses, IP address ranges, and CIDR subnets. elements: str type: list meraki_caller: default: '' description: - meraki_caller (string), optional identifier for API usage tracking; can also be set as an environment variable MERAKI_PYTHON_SDK_CALLER type: str meraki_api_key: description: - meraki_api_key (string), API key generated in dashboard; can also be set as an environment variable MERAKI_DASHBOARD_API_KEY required: true type: str organizationId: description: OrganizationId path parameter. Organization ID. type: str meraki_base_url: default: https://api.meraki.com/api/v1 description: - meraki_base_url (string), preceding all endpoint resources type: str meraki_log_path: default: '' description: - log_path (string), path to output log; by default, working directory of script if not specified type: str meraki_simulate: default: false description: - meraki_simulate (boolean), simulate POST/PUT/DELETE calls to prevent changes? type: bool meraki_be_geo_id: default: '' description: - meraki_be_geo_id (string), optional partner identifier for API usage tracking; can also be set as an environment variable BE_GEO_ID type: str apiAuthentication: description: Details for indicating whether organization will restrict access to API (but not Dashboard) to certain IP addresses. suboptions: ipRestrictionsForKeys: description: Details for API-only IP restrictions. suboptions: enabled: description: Boolean indicating whether the organization will restrict API key (not Dashboard GUI) usage to a specific list of IP addresses or CIDR ranges. type: bool ranges: description: List of acceptable IP ranges. Entries can be single IP addresses, IP address ranges, and CIDR subnets. elements: str type: list type: dict type: dict meraki_output_log: default: true description: - meraki_output_log (boolean), create an output log file? type: bool enforceIdleTimeout: description: Boolean indicating whether users will be logged out after being idle for the specified number of minutes. type: bool idleTimeoutMinutes: description: Number of minutes users can remain idle before being logged out of their accounts. type: int enforceLoginIpRanges: description: Boolean indicating whether organization will restrict access to Dashboard (including the API) from certain IP addresses. type: bool enforceTwoFactorAuth: description: Boolean indicating whether users in this organization will be required to use an extra verification code when logging in to Dashboard. This code will be sent to their mobile phone via SMS, or can be generated by the authenticator application. type: bool meraki_print_console: default: true description: - meraki_print_console (boolean), print logging output to console? type: bool enforceAccountLockout: description: Boolean indicating whether users' Dashboard accounts will be locked out after a specified number of consecutive failed login attempts. type: bool meraki_requests_proxy: default: '' description: - meraki_requests_proxy (string), proxy server and port, if needed, for HTTPS type: str numDifferentPasswords: description: Number of recent passwords that new password must be distinct from. type: int accountLockoutAttempts: description: Number of consecutive failed login attempts after which users' accounts will be locked. type: int enforceStrongPasswords: description: Boolean indicating whether users will be forced to choose strong passwords for their accounts. Strong passwords are at least 8 characters that contain 3 of the following number, uppercase letter, lowercase letter, and symbol. type: bool meraki_log_file_prefix: default: meraki_api_ description: - meraki_log_file_prefix (string), log file name appended with date and timestamp type: str meraki_maximum_retries: default: 2 description: - meraki_maximum_retries (integer), retry up to this many times when encountering 429s or other server-side errors type: int meraki_retry_4xx_error: default: false description: - meraki_retry_4xx_error (boolean), retry if encountering other 4XX error (besides 429)? type: bool passwordExpirationDays: description: Number of days after which users will be forced to change their password. type: int meraki_certificate_path: default: '' description: - meraki_certificate_path (string), path for TLS/SSL certificate verification if behind local proxy type: str meraki_suppress_logging: default: false description: - meraki_suppress_logging (boolean), disable all logging? you're on your own then! type: bool enforceDifferentPasswords: description: Boolean indicating whether users, when setting a new password, are forced to choose a new password that is different from any past passwords. type: bool enforcePasswordExpiration: description: Boolean indicating whether users are forced to change their password every X number of days. type: bool meraki_wait_on_rate_limit: default: true description: - meraki_wait_on_rate_limit (boolean), retry if 429 rate limit error encountered? type: bool meraki_inherit_logging_config: default: false description: - meraki_inherit_logging_config (boolean), Inherits your own logger instance type: bool meraki_single_request_timeout: default: 60 description: - meraki_single_request_timeout (integer), maximum number of seconds for each API call type: int meraki_nginx_429_retry_wait_time: default: 60 description: - meraki_nginx_429_retry_wait_time (integer), Nginx 429 retry wait time type: int meraki_retry_4xx_error_wait_time: default: 60 description: - meraki_retry_4xx_error_wait_time (integer), other 4XX error retry wait time type: int meraki_use_iterator_for_get_pages: default: false description: - meraki_use_iterator_for_get_pages (boolean), list* methods will return an iterator with each object instead of a complete list with all items type: bool meraki_action_batch_retry_wait_time: default: 60 description: - meraki_action_batch_retry_wait_time (integer), action batch concurrency error retry wait time type: int
meraki_response: description: A dictionary or list with the response returned by the Cisco Meraki Python SDK returned: always sample: "{\n \"accountLockoutAttempts\": 0,\n \"apiAuthentication\": {\n \"\ ipRestrictionsForKeys\": {\n \"enabled\": true,\n \"ranges\": [\n \ \ \"string\"\n ]\n }\n },\n \"enforceAccountLockout\": true,\n\ \ \"enforceDifferentPasswords\": true,\n \"enforceIdleTimeout\": true,\n \"\ enforceLoginIpRanges\": true,\n \"enforcePasswordExpiration\": true,\n \"enforceStrongPasswords\"\ : true,\n \"enforceTwoFactorAuth\": true,\n \"idleTimeoutMinutes\": 0,\n \"\ loginIpRanges\": [\n \"string\"\n ],\n \"numDifferentPasswords\": 0,\n \"\ passwordExpirationDays\": 0\n}\n" type: dict