Skip to content
Network as Code

ACL

Location in Dashboard: Switching >> Configure >> ACL

Diagram

Diagram

Classes

switch (meraki.domains.organizations.networks)

NameTypeConstraintMandatoryDefault Value
access_control_lists_rulesList[access_control_lists_rules]No

access_control_lists_rules (meraki.domains.organizations.networks.switch)

NameTypeConstraintMandatoryDefault Value
commentStringmin: 1, max: 127No
policyChoiceallow, denyYes
ip_versionChoiceany, ipv4, ipv6No
protocolChoiceany, tcp, udpYes
vlanAnyInteger[min: 1, max: 4094] or String[matches: `(?:[1-9][1-9][0-9][1-9][0-9]2
source_cidrStringRegex: ^(?i:any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?)(,(any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?))*$No
source_portAnyInteger[min: 0, max: 65535] or String[matches: `(?:[1-9][0-9]3[1-5][0-9]46[0-4][0-9]3
destination_cidrStringRegex: ^(?i:any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?)(,(any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?))*$No
destination_portAnyInteger[min: 0, max: 65535] or String[matches: `(?:[1-9][0-9]3[1-5][0-9]46[0-4][0-9]3

Config Sample

meraki:
    domains:
      - name: EMEA
        administrator:
            name: Foo Bar
        organizations:
          - name: Dev
            networks:
              - name: Dev-main-cx-provider
                product_types:
                - appliance
                - camera
                - switch
                - wireless
                switch:
                  access_control_lists:
                    rules:
                      - comment: tcp rules
                        policy: allow
                        ip_version: ipv4
                        protocol: tcp
                        source_cidr: any
                        source_port: any
                        destination_cidr: 1.1.1.1/24
                        destination_port: "443"
                        vlan: 100
                      - comment: Test Any rule
                        policy: allow
                        ip_version: ipv4
                        protocol: any
                        source_cidr: any
                        source_port: any
                        destination_cidr: 2.1.1.1/32
                        destination_port: any
                        vlan: any