meraki_mx_l7_firewall – Manage MX appliance layer 7 firewalls in the Meraki cloud¶
New in version 2.9.
Synopsis¶
- Allows for creation, management, and visibility into layer 7 firewalls implemented on Meraki MX firewalls.
Parameters¶
Notes¶
Note
- Module assumes a complete list of firewall rules are passed as a parameter.
- If there is interest in this module allowing manipulation of a single firewall rule, please submit an issue against this module.
- More information about the Meraki API can be found at https://dashboard.meraki.com/api_docs.
- Some of the options are likely only used for developers within Meraki.
- As of Ansible 2.9, Meraki modules output keys as snake case. To use camel case, set the ANSIBLE_MERAKI_FORMATenvironment variable tocamelcase.
- Ansible’s Meraki modules will stop supporting camel case output in Ansible 2.13. Please update your playbooks.
Examples¶
- name: Query firewall rules
  meraki_mx_l7_firewall:
    auth_key: abc123
    org_name: YourOrg
    net_name: YourNet
    state: query
  delegate_to: localhost
- name: Query applications and application categories
  meraki_mx_l7_firewall:
    auth_key: abc123
    org_name: YourOrg
    net_name: YourNet
    categories: yes
    state: query
  delegate_to: localhost
- name: Set firewall rules
  meraki_mx_l7_firewall:
    auth_key: abc123
    org_name: YourOrg
    net_name: YourNet
    state: present
    rules:
      - type: whitelisted_countries
        countries:
          - US
          - FR
      - type: blacklisted_countries
        countries:
          - CN
      - policy: deny
        type: port
        port: 8080
      - type: port
        port: 1234
      - type: host
        host: asdf.com
      - type: application
        application:
          id: meraki:layer7/application/205
      - type: application_category
        application:
          id: meraki:layer7/category/24
  delegate_to: localhost
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Status¶
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors¶
- Kevin Breit (@kbreit)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
