100%
cisco.meraki_rm module meraki_wireless_ssid

meraki_wireless_ssid

module
Manage Meraki wireless SSIDs
Added in version 0.1.0
Synopsis Parameters Sample Task Examples Return Values

Synopsis

  • Manage wireless SSIDs for a Meraki network.
  • SSIDs are numbered 0-14 and always exist; no create or delete.
  • Supports merged, replaced, and gathered states.

Author

Cisco Meraki

Parameters

config (list/dict)

List of SSID configurations.

auth_mode (str)
openpsk8021x-meraki8021x-radiusipsk-with-radiusipsk-without-radius

Authentication mode.

availability_tags (list/str)

AP tags for SSID availability (when available_on_all_aps is false).

available_on_all_aps (bool)

Whether the SSID is broadcast on all APs.

band_selection (str)
DSSSFHSS802.11a802.11b/g802.11g only802.11a/n802.11g/n802.11b/g/n802.11a/n/ac802.11a/n/ac/ax (Wi-Fi 6)802.11b/g/n/ax (Wi-Fi 6)

Band selection for the SSID.

default_vlan_id (int)

Default VLAN ID for all other APs.

enabled (bool)

Whether the SSID is enabled.

encryption_mode (str)

Encryption mode for the SSID.

ip_assignment_mode (str)
NAT modeBridge modeLayer 3 roamingLayer 3 roaming with a concentratorVPN

Client IP assignment mode.

min_bitrate (float)

Minimum bitrate in Mbps.

name (str)

SSID name.

number (int) required

SSID number (0-14). Required for merged and replaced.

per_client_bandwidth_limit_down (int)

Per-client download bandwidth limit in Kbps (0 = no limit).

per_client_bandwidth_limit_up (int)

Per-client upload bandwidth limit in Kbps (0 = no limit).

per_ssid_bandwidth_limit_down (int)

Per-SSID download bandwidth limit in Kbps (0 = no limit).

per_ssid_bandwidth_limit_up (int)

Per-SSID upload bandwidth limit in Kbps (0 = no limit).

psk (str)

Pre-shared key (for PSK auth). Write-only; not returned by API.

splash_page (str)
NoneClick-through splash pageBillingPassword-protected with Meraki RADIUSPassword-protected with custom RADIUSPassword-protected with Active DirectoryPassword-protected with LDAPSMS authenticationSystems Manager SentryFacebook Wi-FiGoogle OAuthSponsored guest

Splash page type.

use_vlan_tagging (bool)

Whether to use VLAN tagging.

visible (bool)

Whether the SSID is advertised (visible) or hidden.

vlan_id (int)

VLAN ID for VLAN tagging.

wpa_encryption_mode (str)
WPA1 and WPA2WPA2 onlyWPA3 Transition ModeWPA3 only

WPA encryption mode.

network_id (str) required

The network ID.

state (str)
mergedreplacedgathered

The state of the resource.

Sample Task

A template task showing all available parameters with their defaults or example values. 

- name: Meraki Wireless Ssid task
  cisco.meraki_rm.meraki_wireless_ssid:
    network_id: "192.168.1.0/24"
    config:
      - number: 0
        auth_mode: open
        availability_tags:
          - "availability_tags_item"
        available_on_all_aps: true
        band_selection: DSSS
        default_vlan_id: 0
        enabled: true
        encryption_mode: "0644"
        ip_assignment_mode: NAT mode
        min_bitrate: 0.0
        name: "example_name"
        per_client_bandwidth_limit_down: 0
        per_client_bandwidth_limit_up: 0
        per_ssid_bandwidth_limit_down: 0
        per_ssid_bandwidth_limit_up: 0
        psk: "psk_value"
        splash_page: None
        use_vlan_tagging: true
        visible: true
        vlan_id: 0
        wpa_encryption_mode: WPA1 and WPA2
    state: merged
- name: Meraki Wireless Ssid task
  cisco.meraki_rm.meraki_wireless_ssid:
    network_id: "192.168.1.0/24"
    config:  # optional
      - number: 0
        auth_mode: open  # optional
        availability_tags:  # optional
          - "availability_tags_item"
        available_on_all_aps: true  # optional
        band_selection: DSSS  # optional
        default_vlan_id: 0  # optional
        enabled: true  # optional
        encryption_mode: "0644"  # optional
        ip_assignment_mode: NAT mode  # optional
        min_bitrate: 0.0  # optional
        name: "example_name"  # optional
        per_client_bandwidth_limit_down: 0  # optional
        per_client_bandwidth_limit_up: 0  # optional
        per_ssid_bandwidth_limit_down: 0  # optional
        per_ssid_bandwidth_limit_up: 0  # optional
        psk: "psk_value"  # optional
        splash_page: None  # optional
        use_vlan_tagging: true  # optional
        visible: true  # optional
        vlan_id: 0  # optional
        wpa_encryption_mode: WPA1 and WPA2  # optional
    state: merged  # optional
- name: Meraki Wireless Ssid task
  cisco.meraki_rm.meraki_wireless_ssid:
    network_id: "192.168.1.0/24"  # (str, required) The network ID.
    config:  # (list, optional) List of SSID configurations.
      - number: 0  # (int, required) SSID number (0-14). Required for merged and replaced.
        auth_mode: open  # (str, optional) Authentication mode.
        availability_tags:  # (list, optional) AP tags for SSID availability (when available_on_all_aps ...
          - "availability_tags_item"
        available_on_all_aps: true  # (bool, optional) Whether the SSID is broadcast on all APs.
        band_selection: DSSS  # (str, optional) Band selection for the SSID.
        default_vlan_id: 0  # (int, optional) Default VLAN ID for all other APs.
        enabled: true  # (bool, optional) Whether the SSID is enabled.
        encryption_mode: "0644"  # (str, optional) Encryption mode for the SSID.
        ip_assignment_mode: NAT mode  # (str, optional) Client IP assignment mode.
        min_bitrate: 0.0  # (float, optional) Minimum bitrate in Mbps.
        name: "example_name"  # (str, optional) SSID name.
        per_client_bandwidth_limit_down: 0  # (int, optional) Per-client download bandwidth limit in Kbps (0 = no limit).
        per_client_bandwidth_limit_up: 0  # (int, optional) Per-client upload bandwidth limit in Kbps (0 = no limit).
        per_ssid_bandwidth_limit_down: 0  # (int, optional) Per-SSID download bandwidth limit in Kbps (0 = no limit).
        per_ssid_bandwidth_limit_up: 0  # (int, optional) Per-SSID upload bandwidth limit in Kbps (0 = no limit).
        psk: "psk_value"  # (str, optional) Pre-shared key (for PSK auth). Write-only; not returned b...
        splash_page: None  # (str, optional) Splash page type.
        use_vlan_tagging: true  # (bool, optional) Whether to use VLAN tagging.
        visible: true  # (bool, optional) Whether the SSID is advertised (visible) or hidden.
        vlan_id: 0  # (int, optional) VLAN ID for VLAN tagging.
        wpa_encryption_mode: WPA1 and WPA2  # (str, optional) WPA encryption mode.
    state: merged  # (str, optional) The state of the resource.

Examples

Define Expected Configuration 
- name: Define expected configuration
  ansible.builtin.set_fact:
    expected_config:
      number: 1
      name: Test-Config
      enabled: true
      auth_mode: open
      encryption_mode: wpa
      psk: testpassword123
      wpa_encryption_mode: WPA1 and WPA2
      ip_assignment_mode: NAT mode
Create Wireless_ssid With Merged State 
- name: Create wireless_ssid with merged state
  cisco.meraki_rm.meraki_wireless_ssid:
    network_id: "N_123456789012345678"
    state: merged
    config:
      - "{{ expected_config }}"
  register: merge_result
Assert Resource Was Created 
- name: Assert resource was created
  ansible.builtin.assert:
    that:
      - merge_result is changed
      - merge_result.config | length == 1
Compare Expected Paths To Result (subset Check) 
- name: Compare expected paths to result (subset check)
  ansible.builtin.set_fact:
    path_check: "{{ expected_paths | cisco.meraki_rm.path_contained_in(result_paths) }}"
  vars:
    expected_paths: "{{ expected_config | ansible.utils.to_paths }}"
    result_paths: "{{ merge_result.config[0] | ansible.utils.to_paths }}"
Assert All Expected Fields Are Present And Match 
- name: Assert all expected fields are present and match
  ansible.builtin.assert:
    that: path_check.contained | bool
    success_msg: "{{ success_msg }}"
    fail_msg: "{{ fail_msg }}"
  vars:
    success_msg: "All expected fields match. Extras: {{ path_check.extras }}"
    fail_msg: "Missing or mismatch: {{ path_check.missing }}. Extras: {{ path_check.extras }}"
Task Output:
# Manage Meraki wireless SSIDs — full resource replacement
Define Replacement Configuration 
- name: Define replacement configuration
  ansible.builtin.set_fact:
    expected_config:
      number: 1
      name: Replaced-Config
      enabled: false
      auth_mode: psk
      encryption_mode: wpa
      psk: testpassword123
      wpa_encryption_mode: WPA2 only
      ip_assignment_mode: Bridge mode
Replace Wireless_ssid Configuration 
- name: Replace wireless_ssid configuration
  cisco.meraki_rm.meraki_wireless_ssid:
    network_id: "N_123456789012345678"
    state: replaced
    config:
      - "{{ expected_config }}"
  register: replace_result
Assert Resource Was Replaced 
- name: Assert resource was replaced
  ansible.builtin.assert:
    that:
      - replace_result is changed
      - replace_result.config | length == 1
Compare Expected Paths To Result (subset Check) 
- name: Compare expected paths to result (subset check)
  ansible.builtin.set_fact:
    path_check: "{{ expected_paths | cisco.meraki_rm.path_contained_in(result_paths) }}"
  vars:
    expected_paths: "{{ expected_config | ansible.utils.to_paths }}"
    result_paths: "{{ replace_result.config[0] | ansible.utils.to_paths }}"
Assert All Expected Fields Are Present And Match 
- name: Assert all expected fields are present and match
  ansible.builtin.assert:
    that: path_check.contained | bool
    success_msg: "{{ success_msg }}"
    fail_msg: "{{ fail_msg }}"
  vars:
    success_msg: "All expected fields match. Extras: {{ path_check.extras }}"
    fail_msg: "Missing or mismatch: {{ path_check.missing }}. Extras: {{ path_check.extras }}"
Task Output:
# Manage Meraki wireless SSIDs — gather current configuration
Gather Current Wireless_ssid Configuration 
- name: Gather current wireless_ssid configuration
  cisco.meraki_rm.meraki_wireless_ssid:
    network_id: "N_123456789012345678"
    state: gathered
  register: gathered
Assert Gathered Config Is Not Empty 
- name: Assert gathered config is not empty
  ansible.builtin.assert:
    that:
      - gathered.config is defined
      - gathered.config | length > 0
    fail_msg: "Gathered config is empty — expected at least one resource"
Display Gathered Configuration 
- name: Display gathered configuration
  ansible.builtin.debug:
    var: gathered.config
---
# Manage Meraki wireless SSIDs — create or update

- name: Define expected configuration
  ansible.builtin.set_fact:
    expected_config:
      number: 1
      name: Test-Config
      enabled: true
      auth_mode: open
      encryption_mode: wpa
      psk: testpassword123
      wpa_encryption_mode: WPA1 and WPA2
      ip_assignment_mode: NAT mode

- name: Create wireless_ssid with merged state
  cisco.meraki_rm.meraki_wireless_ssid:
    network_id: "N_123456789012345678"
    state: merged
    config:
      - "{{ expected_config }}"
  register: merge_result

- name: Assert resource was created
  ansible.builtin.assert:
    that:
      - merge_result is changed
      - merge_result.config | length == 1

- name: Compare expected paths to result (subset check)
  ansible.builtin.set_fact:
    path_check: "{{ expected_paths | cisco.meraki_rm.path_contained_in(result_paths) }}"
  vars:
    expected_paths: "{{ expected_config | ansible.utils.to_paths }}"
    result_paths: "{{ merge_result.config[0] | ansible.utils.to_paths }}"

- name: Assert all expected fields are present and match
  ansible.builtin.assert:
    that: path_check.contained | bool
    success_msg: "{{ success_msg }}"
    fail_msg: "{{ fail_msg }}"
  vars:
    success_msg: "All expected fields match. Extras: {{ path_check.extras }}"
    fail_msg: "Missing or mismatch: {{ path_check.missing }}. Extras: {{ path_check.extras }}"

# Manage Meraki wireless SSIDs — full resource replacement

- name: Define replacement configuration
  ansible.builtin.set_fact:
    expected_config:
      number: 1
      name: Replaced-Config
      enabled: false
      auth_mode: psk
      encryption_mode: wpa
      psk: testpassword123
      wpa_encryption_mode: WPA2 only
      ip_assignment_mode: Bridge mode

- name: Replace wireless_ssid configuration
  cisco.meraki_rm.meraki_wireless_ssid:
    network_id: "N_123456789012345678"
    state: replaced
    config:
      - "{{ expected_config }}"
  register: replace_result

- name: Assert resource was replaced
  ansible.builtin.assert:
    that:
      - replace_result is changed
      - replace_result.config | length == 1

- name: Compare expected paths to result (subset check)
  ansible.builtin.set_fact:
    path_check: "{{ expected_paths | cisco.meraki_rm.path_contained_in(result_paths) }}"
  vars:
    expected_paths: "{{ expected_config | ansible.utils.to_paths }}"
    result_paths: "{{ replace_result.config[0] | ansible.utils.to_paths }}"

- name: Assert all expected fields are present and match
  ansible.builtin.assert:
    that: path_check.contained | bool
    success_msg: "{{ success_msg }}"
    fail_msg: "{{ fail_msg }}"
  vars:
    success_msg: "All expected fields match. Extras: {{ path_check.extras }}"
    fail_msg: "Missing or mismatch: {{ path_check.missing }}. Extras: {{ path_check.extras }}"

# Manage Meraki wireless SSIDs — gather current configuration

- name: Gather current wireless_ssid configuration
  cisco.meraki_rm.meraki_wireless_ssid:
    network_id: "N_123456789012345678"
    state: gathered
  register: gathered

- name: Assert gathered config is not empty
  ansible.builtin.assert:
    that:
      - gathered.config is defined
      - gathered.config | length > 0
    fail_msg: "Gathered config is empty — expected at least one resource"

- name: Display gathered configuration
  ansible.builtin.debug:
    var: gathered.config

Return Values

config
list — returned: always
The resulting resource configuration.