100%
cisco.meraki_rm module meraki_wireless_air_marshal_rules

meraki_wireless_air_marshal_rules

module
Manage Meraki wireless Air Marshal (rogue AP detection)
Added in version 0.1.0
Synopsis Parameters Sample Task Notes Examples Return Values

Synopsis

  • Manage Meraki wireless Air Marshal rules and settings for a network.
  • Mixed resource - rules (CRUD) and settings (singleton).
  • Supports merged, replaced, deleted, and gathered states.

Author

Cisco Meraki

Parameters

config (list/dict)

List of Air Marshal rule configurations.

bssids (list/dict)

BSSIDs broadcasting the SSID.

channels (list/int)

Channels where SSID was observed.

default_policy (str)

Default policy for rogue networks.

match (dict)

Rule specification/match criteria.

rule_id (str)

Server-assigned rule ID. Discover via state=gathered.

ssid (str)

SSID name for the rule.

type (str)

Rule type (allow, block, or alert).

network_id (str) required

The network ID.

state (str)
mergedreplaceddeleted

The state of the resource.

Sample Task

A template task showing all available parameters with their defaults or example values. 

- name: Meraki Wireless Air Marshal Rules task
  cisco.meraki_rm.meraki_wireless_air_marshal_rules:
    network_id: "192.168.1.0/24"
    config:
      - bssids:
          - {}
        channels:
          - 1
        default_policy: "default_policy_value"
        match: {}
        rule_id: "rule_id_value"
        ssid: "ssid_value"
        type: "type_value"
    state: merged
- name: Meraki Wireless Air Marshal Rules task
  cisco.meraki_rm.meraki_wireless_air_marshal_rules:
    network_id: "192.168.1.0/24"
    config:  # optional
      - bssids:  # optional
          - {}
        channels:  # optional
          - 1
        default_policy: "default_policy_value"  # optional
        match: {}  # optional
        rule_id: "rule_id_value"  # optional
        ssid: "ssid_value"  # optional
        type: "type_value"  # optional
    state: merged  # optional
- name: Meraki Wireless Air Marshal Rules task
  cisco.meraki_rm.meraki_wireless_air_marshal_rules:
    network_id: "192.168.1.0/24"  # (str, required) The network ID.
    config:  # (list, optional) List of Air Marshal rule configurations.
      - bssids:  # (list, optional) BSSIDs broadcasting the SSID.
          - {}
        channels:  # (list, optional) Channels where SSID was observed.
          - 1
        default_policy: "default_policy_value"  # (str, optional) Default policy for rogue networks.
        match: {}  # (dict, optional) Rule specification/match criteria.
        rule_id: "rule_id_value"  # (str, optional) Server-assigned rule ID. Discover via C(state=gathered).
        ssid: "ssid_value"  # (str, optional) SSID name for the rule.
        type: "type_value"  # (str, optional) Rule type (allow, block, or alert).
    state: merged  # (str, optional) The state of the resource.

Notes

  • This resource has no canonical key (Category C — gather-first).
  • Use state=gathered to discover rule_id values, then reference them in subsequent tasks.

Examples

Define Expected Configuration 
- name: Define expected configuration
  ansible.builtin.set_fact:
    expected_config:
      type: access
      default_policy: example
      ssid: example
Create Wireless_air_marshal_rules With Merged State 
- name: Create wireless_air_marshal_rules with merged state
  cisco.meraki_rm.meraki_wireless_air_marshal_rules:
    network_id: "N_123456789012345678"
    state: merged
    config:
      - "{{ expected_config }}"
  register: merge_result
Assert Resource Was Created 
- name: Assert resource was created
  ansible.builtin.assert:
    that:
      - merge_result is changed
      - merge_result.config | length == 1
Compare Expected Paths To Result (subset Check) 
- name: Compare expected paths to result (subset check)
  ansible.builtin.set_fact:
    path_check: "{{ expected_paths | cisco.meraki_rm.path_contained_in(result_paths) }}"
  vars:
    expected_paths: "{{ expected_config | ansible.utils.to_paths }}"
    result_paths: "{{ merge_result.config[0] | ansible.utils.to_paths }}"
Assert All Expected Fields Are Present And Match 
- name: Assert all expected fields are present and match
  ansible.builtin.assert:
    that: path_check.contained | bool
    success_msg: "{{ success_msg }}"
    fail_msg: "{{ fail_msg }}"
  vars:
    success_msg: "All expected fields match. Extras: {{ path_check.extras }}"
    fail_msg: "Missing or mismatch: {{ path_check.missing }}. Extras: {{ path_check.extras }}"
Task Output:
# Manage Meraki wireless Air Marshal (rogue AP detection) — full resource replacement
Define Replacement Configuration 
- name: Define replacement configuration
  ansible.builtin.set_fact:
    expected_config:
      type: access
      default_policy: example
      ssid: example
Replace Wireless_air_marshal_rules Configuration 
- name: Replace wireless_air_marshal_rules configuration
  cisco.meraki_rm.meraki_wireless_air_marshal_rules:
    network_id: "N_123456789012345678"
    state: replaced
    config:
      - "{{ expected_config }}"
  register: replace_result
Assert Resource Was Replaced 
- name: Assert resource was replaced
  ansible.builtin.assert:
    that:
      - replace_result is changed
      - replace_result.config | length == 1
Compare Expected Paths To Result (subset Check) 
- name: Compare expected paths to result (subset check)
  ansible.builtin.set_fact:
    path_check: "{{ expected_paths | cisco.meraki_rm.path_contained_in(result_paths) }}"
  vars:
    expected_paths: "{{ expected_config | ansible.utils.to_paths }}"
    result_paths: "{{ replace_result.config[0] | ansible.utils.to_paths }}"
Assert All Expected Fields Are Present And Match 
- name: Assert all expected fields are present and match
  ansible.builtin.assert:
    that: path_check.contained | bool
    success_msg: "{{ success_msg }}"
    fail_msg: "{{ fail_msg }}"
  vars:
    success_msg: "All expected fields match. Extras: {{ path_check.extras }}"
    fail_msg: "Missing or mismatch: {{ path_check.missing }}. Extras: {{ path_check.extras }}"
Task Output:
# Manage Meraki wireless Air Marshal (rogue AP detection) — remove configuration
Define Resource To Delete 
- name: Define resource to delete
  ansible.builtin.set_fact:
    expected_config:
      type: access
Delete Wireless_air_marshal_rules Configuration 
- name: Delete wireless_air_marshal_rules configuration
  cisco.meraki_rm.meraki_wireless_air_marshal_rules:
    network_id: "N_123456789012345678"
    state: deleted
    config:
      - "{{ expected_config }}"
  register: delete_result
Assert Resource Was Deleted 
- name: Assert resource was deleted
  ansible.builtin.assert:
    that:
      - delete_result is changed
      - delete_result is not failed
---
# Manage Meraki wireless Air Marshal (rogue AP detection) — create or update

- name: Define expected configuration
  ansible.builtin.set_fact:
    expected_config:
      type: access
      default_policy: example
      ssid: example

- name: Create wireless_air_marshal_rules with merged state
  cisco.meraki_rm.meraki_wireless_air_marshal_rules:
    network_id: "N_123456789012345678"
    state: merged
    config:
      - "{{ expected_config }}"
  register: merge_result

- name: Assert resource was created
  ansible.builtin.assert:
    that:
      - merge_result is changed
      - merge_result.config | length == 1

- name: Compare expected paths to result (subset check)
  ansible.builtin.set_fact:
    path_check: "{{ expected_paths | cisco.meraki_rm.path_contained_in(result_paths) }}"
  vars:
    expected_paths: "{{ expected_config | ansible.utils.to_paths }}"
    result_paths: "{{ merge_result.config[0] | ansible.utils.to_paths }}"

- name: Assert all expected fields are present and match
  ansible.builtin.assert:
    that: path_check.contained | bool
    success_msg: "{{ success_msg }}"
    fail_msg: "{{ fail_msg }}"
  vars:
    success_msg: "All expected fields match. Extras: {{ path_check.extras }}"
    fail_msg: "Missing or mismatch: {{ path_check.missing }}. Extras: {{ path_check.extras }}"

# Manage Meraki wireless Air Marshal (rogue AP detection) — full resource replacement

- name: Define replacement configuration
  ansible.builtin.set_fact:
    expected_config:
      type: access
      default_policy: example
      ssid: example

- name: Replace wireless_air_marshal_rules configuration
  cisco.meraki_rm.meraki_wireless_air_marshal_rules:
    network_id: "N_123456789012345678"
    state: replaced
    config:
      - "{{ expected_config }}"
  register: replace_result

- name: Assert resource was replaced
  ansible.builtin.assert:
    that:
      - replace_result is changed
      - replace_result.config | length == 1

- name: Compare expected paths to result (subset check)
  ansible.builtin.set_fact:
    path_check: "{{ expected_paths | cisco.meraki_rm.path_contained_in(result_paths) }}"
  vars:
    expected_paths: "{{ expected_config | ansible.utils.to_paths }}"
    result_paths: "{{ replace_result.config[0] | ansible.utils.to_paths }}"

- name: Assert all expected fields are present and match
  ansible.builtin.assert:
    that: path_check.contained | bool
    success_msg: "{{ success_msg }}"
    fail_msg: "{{ fail_msg }}"
  vars:
    success_msg: "All expected fields match. Extras: {{ path_check.extras }}"
    fail_msg: "Missing or mismatch: {{ path_check.missing }}. Extras: {{ path_check.extras }}"

# Manage Meraki wireless Air Marshal (rogue AP detection) — remove configuration

- name: Define resource to delete
  ansible.builtin.set_fact:
    expected_config:
      type: access

- name: Delete wireless_air_marshal_rules configuration
  cisco.meraki_rm.meraki_wireless_air_marshal_rules:
    network_id: "N_123456789012345678"
    state: deleted
    config:
      - "{{ expected_config }}"
  register: delete_result

- name: Assert resource was deleted
  ansible.builtin.assert:
    that:
      - delete_result is changed
      - delete_result is not failed

Return Values

config
list — returned: always
The resulting resource configuration.