 
    New in version 2.7.
| Parameter | Choices/Defaults | Comments | |
|---|---|---|---|
| auth_key 
                    string
                                         | Authentication key provided by the dashboard. Required if environmental variable  MERAKI_KEYis not set. | ||
| host 
                    string
                                         | Default: "api.meraki.com" | Hostname for Meraki dashboard. Only useful for internal Meraki developers. | |
| net_id 
                    -
                                         | ID of network which MX firewall is in. | ||
| net_name 
                    -
                                         | Name of network which MX firewall is in. | ||
| org_id 
                    integer
                                         | ID of organization. | ||
| org_name 
                    string
                                         | Name of organization. If  cloneis specified,org_nameis the name of the new organization.aliases: organization | ||
| output_level 
                    string
                                         | 
 | Set amount of debug output during module execution. | |
| rules 
                    -
                                         | List of firewall rules. | ||
| comment 
                    -
                                         | Optional comment to describe the firewall rule. | ||
| dest_cidr 
                    -
                                         | Comma separated list of CIDR notation destination networks. | ||
| dest_port 
                    -
                                         | Comma separated list of destination port numbers to match against. | ||
| policy 
                    -
                                         | 
 | Policy to apply if rule is hit. | |
| protocol 
                    -
                                         | 
 | Protocol to match against. | |
| src_cidr 
                    -
                                         | Comma separated list of CIDR notation source networks. | ||
| src_port 
                    -
                                         | Comma separated list of source port numbers to match against. | ||
| syslog_enabled 
                    -
                                         | Whether to log hints against the firewall rule. Only applicable if a syslog server is specified against the network. | ||
| state 
                    -
                                         | 
 | Create or modify an organization. | |
| syslog_default_rule 
                    boolean
                                         | 
 | Whether to log hits against the default firewall rule. Only applicable if a syslog server is specified against the network. This is not shown in response from Meraki. Instead, refer to the  syslog_enabledvalue in the default rule. | |
| timeout 
                    integer
                                         | Default: 30 | Time to timeout for HTTP requests. | |
| use_https 
                    boolean
                                         | 
 | If  no, it will use HTTP. Otherwise it will use HTTPS.Only useful for internal Meraki developers. | |
| use_proxy 
                    boolean
                                         | 
 | If  no, it will not use a proxy, even if one is defined in an environment variable on the target hosts. | |
| validate_certs 
                    boolean
                                         | 
 | Whether to validate HTTP certificates. | |
Note
- name: Query firewall rules
  meraki_mx_l3_firewall:
    auth_key: abc123
    org_name: YourOrg
    net_name: YourNet
    state: query
  delegate_to: localhost
- name: Set two firewall rules
  meraki_mx_l3_firewall:
    auth_key: abc123
    org_name: YourOrg
    net_name: YourNet
    state: present
    rules:
      - comment: Block traffic to server
        src_cidr: 192.0.1.0/24
        src_port: any
        dest_cidr: 192.0.2.2/32
        dest_port: any
        protocol: any
        policy: deny
      - comment: Allow traffic to group of servers
        src_cidr: 192.0.1.0/24
        src_port: any
        dest_cidr: 192.0.2.0/24
        dest_port: any
        protocol: any
        policy: permit
  delegate_to: localhost
- name: Set one firewall rule and enable logging of the default rule
  meraki_mx_l3_firewall:
    auth_key: abc123
    org_name: YourOrg
    net_name: YourNet
    state: present
    rules:
      - comment: Block traffic to server
        src_cidr: 192.0.1.0/24
        src_port: any
        dest_cidr: 192.0.2.2/32
        dest_port: any
        protocol: any
        policy: deny
    syslog_default_rule: yes
  delegate_to: localhost
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | |
|---|---|---|---|
| data complex | success | Firewall rules associated to network. | |
| comment string | always | Comment to describe the firewall rule. Sample: Block traffic to server | |
| dest_cidr string | always | Comma separated list of CIDR notation destination networks. Sample: 192.0.1.1/32,192.0.1.2/32 | |
| dest_port string | always | Comma separated list of destination ports. Sample: 80,443 | |
| policy string | always | Action to take when rule is matched. | |
| protocol string | always | Network protocol for which to match against. Sample: tcp | |
| src_cidr string | always | Comma separated list of CIDR notation source networks. Sample: 192.0.1.1/32,192.0.1.2/32 | |
| src_port string | always | Comma separated list of source ports. Sample: 80,443 | |
| syslog_enabled boolean | always | Whether to log to syslog when rule is matched. Sample: True | |
Hint
If you notice any issues in this documentation you can edit this document to improve it.