Organization Policy Objects and Groups Configuration

Dashboard Location: Organization > Configure > Policy Objects

Centralized Network Policy Object Management and Security Group Configuration

Organization policy objects and groups configuration in Meraki provides administrators with comprehensive network object definition capabilities, enabling centralized security policy management, reusable network definitions, scalable firewall rule creation, and consistent security enforcement across multiple networks. This functionality supports network segmentation strategies, security policy standardization, firewall rule optimization, access control consistency, and centralized object management while providing efficient policy deployment and maintenance capabilities. Policy objects are essential for enterprise security architectures, consistent rule enforcement, scalable policy management, compliance standardization, and maintaining organized security infrastructure while supporting complex network environments and multi-site deployments.

Diagram

Classes

organizations (meraki.domains)

Name	Type	Constraint	Mandatory	Default Value
policy_objects	List	`[policy_objects]`	No
policy_objects_groups	List	`[policy_objects_groups]`	No

policy_objects (meraki.domains.organizations)

Name	Type	Constraint	Mandatory
name	String	min: `1`, max: `127`	No
category	Choice	`adaptivePolicy`, `network`	No
type	Choice	`adaptivePolicyIpv4Cidr`, `cidr`, `fqdn`, `ipAndMask`	No
cidr	String	Regex: `^(?i:any\|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?)(,(any\|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?))*$`	No
fqdn	String	min: `1`, max: `1024`	No
mask	String	Regex: `^(255\|254\|252\|248\|240\|224\|192\|128\|0+)(\.0\|\.128\|\.192\|\.224\|\.240\|\.248\|\.252\|\.254\|\.255){0,3}$`	No
ip	IP		No
group_names	List	String[min: `1`, max: `127`]	No

policy_objects_groups (meraki.domains.organizations)

Name	Type	Constraint	Mandatory
name	String	min: `1`, max: `127`	No
category	Choice	`NetworkObjectGroup`, `GeoLocationGroup`, `PortObjectGroup`, `ApplicationGroup`	No
object_names	List	String[min: `1`, max: `127`]	No

Examples

Example-1: The example below demonstrates organization policy objects configuration using tested YAML configuration from pipeline fixtures.

meraki:
  domains:
    - name: "!env domain"
      administrator:
        name: "!env org_admin"
      organizations:
        - name: "!env org"
          policy_objects:
            - name: test cidr
              category: network
              type: cidr
              cidr: 10.0.0.0/24
            - name: test fqdn
              category: network
              type: fqdn
              fqdn: www.cisco.com
          policy_objects_groups:
            - name: test cidr
              category: NetworkObjectGroup
              object_names:
                - test cidr # This references the "test" policy object by name
            - name: test fqdn
              category: NetworkObjectGroup
              object_names:
                - test fqdn # This references the "test" policy object by name

Configuration Parameters

Parameter	Type	Required	Description
`policy_objects`	array	No	Policy object definitions
`policy_objects[].name`	string	Yes	Policy object name
`policy_objects[].category`	string	Yes	Object category (network)
`policy_objects[].type`	string	Yes	Object type (cidr, fqdn)
`policy_objects[].cidr`	string	Conditional	CIDR notation (required for cidr type)
`policy_objects[].fqdn`	string	Conditional	Fully qualified domain name (required for fqdn type)
`policy_objects_groups`	array	No	Policy object group definitions
`policy_objects_groups[].name`	string	Yes	Group name
`policy_objects_groups[].category`	string	Yes	Group category
`policy_objects_groups[].object_names`	array	Yes	Referenced object names